7194449: String resources for Key Tool and Policy Tool should be in their respective packages
authorsflores
Sun, 14 Oct 2012 22:58:59 +0100
changeset 14182 3041082abb40
parent 14181 f723098d438c
child 14183 26e97eede839
7194449: String resources for Key Tool and Policy Tool should be in their respective packages Reviewed-by: alanb, weijun, mullan
jdk/make/common/Release.gmk
jdk/make/launchers/Makefile
jdk/make/sun/security/tools/Makefile
jdk/makefiles/CompileLaunchers.gmk
jdk/makefiles/CreateJars.gmk
jdk/src/share/classes/sun/security/tools/CertAndKeyGen.java
jdk/src/share/classes/sun/security/tools/JarSigner.java
jdk/src/share/classes/sun/security/tools/JarSignerResources.java
jdk/src/share/classes/sun/security/tools/JarSignerResources_ja.java
jdk/src/share/classes/sun/security/tools/JarSignerResources_zh_CN.java
jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java
jdk/src/share/classes/sun/security/tools/KeyTool.java
jdk/src/share/classes/sun/security/tools/TimestampedSigner.java
jdk/src/share/classes/sun/security/tools/jarsigner/Main.java
jdk/src/share/classes/sun/security/tools/jarsigner/Resources.java
jdk/src/share/classes/sun/security/tools/jarsigner/Resources_ja.java
jdk/src/share/classes/sun/security/tools/jarsigner/Resources_zh_CN.java
jdk/src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java
jdk/src/share/classes/sun/security/tools/keytool/CertAndKeyGen.java
jdk/src/share/classes/sun/security/tools/keytool/Main.java
jdk/src/share/classes/sun/security/tools/keytool/Resources.java
jdk/src/share/classes/sun/security/tools/keytool/Resources_de.java
jdk/src/share/classes/sun/security/tools/keytool/Resources_es.java
jdk/src/share/classes/sun/security/tools/keytool/Resources_fr.java
jdk/src/share/classes/sun/security/tools/keytool/Resources_it.java
jdk/src/share/classes/sun/security/tools/keytool/Resources_ja.java
jdk/src/share/classes/sun/security/tools/keytool/Resources_ko.java
jdk/src/share/classes/sun/security/tools/keytool/Resources_pt_BR.java
jdk/src/share/classes/sun/security/tools/keytool/Resources_sv.java
jdk/src/share/classes/sun/security/tools/keytool/Resources_zh_CN.java
jdk/src/share/classes/sun/security/tools/keytool/Resources_zh_HK.java
jdk/src/share/classes/sun/security/tools/keytool/Resources_zh_TW.java
jdk/src/share/classes/sun/security/tools/policytool/PolicyTool.java
jdk/src/share/classes/sun/security/tools/policytool/Resources.java
jdk/src/share/classes/sun/security/tools/policytool/Resources_de.java
jdk/src/share/classes/sun/security/tools/policytool/Resources_es.java
jdk/src/share/classes/sun/security/tools/policytool/Resources_fr.java
jdk/src/share/classes/sun/security/tools/policytool/Resources_it.java
jdk/src/share/classes/sun/security/tools/policytool/Resources_ja.java
jdk/src/share/classes/sun/security/tools/policytool/Resources_ko.java
jdk/src/share/classes/sun/security/tools/policytool/Resources_pt_BR.java
jdk/src/share/classes/sun/security/tools/policytool/Resources_sv.java
jdk/src/share/classes/sun/security/tools/policytool/Resources_zh_CN.java
jdk/src/share/classes/sun/security/tools/policytool/Resources_zh_HK.java
jdk/src/share/classes/sun/security/tools/policytool/Resources_zh_TW.java
jdk/src/share/classes/sun/security/util/Resources.java
jdk/src/share/classes/sun/security/util/Resources_de.java
jdk/src/share/classes/sun/security/util/Resources_es.java
jdk/src/share/classes/sun/security/util/Resources_fr.java
jdk/src/share/classes/sun/security/util/Resources_it.java
jdk/src/share/classes/sun/security/util/Resources_ja.java
jdk/src/share/classes/sun/security/util/Resources_ko.java
jdk/src/share/classes/sun/security/util/Resources_pt_BR.java
jdk/src/share/classes/sun/security/util/Resources_sv.java
jdk/src/share/classes/sun/security/util/Resources_zh_CN.java
jdk/src/share/classes/sun/security/util/Resources_zh_TW.java
jdk/test/sun/security/pkcs12/PKCS12SameKeyId.java
jdk/test/sun/security/tools/jarsigner/JarSigningNonAscii.java
jdk/test/sun/security/tools/jarsigner/LargeJarEntry.java
jdk/test/sun/security/tools/keytool/CloseFile.java
jdk/test/sun/security/tools/keytool/KeyToolTest.java
jdk/test/sun/security/tools/keytool/NewSize7.java
jdk/test/sun/security/tools/keytool/StartDateTest.java
jdk/test/sun/security/tools/keytool/UnknownAndUnparseable.java
jdk/test/sun/security/tools/keytool/autotest.sh
jdk/test/sun/security/tools/keytool/standard.sh
jdk/test/sun/security/util/Resources/Format.java
jdk/test/sun/security/util/Resources/NewNamesFormat.java
jdk/test/sun/security/util/Resources/NewResourcesNames.java
jdk/test/sun/security/x509/AlgorithmId/NonStandardNames.java
--- a/jdk/make/common/Release.gmk	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/make/common/Release.gmk	Sun Oct 14 22:58:59 2012 +0100
@@ -348,15 +348,15 @@
 	sun/tools/serialver	\
 	sun/tools/tree		\
 	sun/tools/util		\
-	sun/security/tools/JarBASE64Encoder.class \
-	sun/security/tools/JarSigner.class \
-	sun/security/tools/JarSignerParameters.class \
-	sun/security/tools/JarSignerResources.class \
-	sun/security/tools/JarSignerResources_ja.class \
-	sun/security/tools/JarSignerResources_zh_CN.class \
-	sun/security/tools/SignatureFile\$$Block.class \
-	sun/security/tools/SignatureFile.class \
-	sun/security/tools/TimestampedSigner.class \
+	sun/security/tools/jarsigner/JarBASE64Encoder.class \
+	sun/security/tools/jarsigner/Main.class \
+	sun/security/tools/jarsigner/JarSignerParameters.class \
+	sun/security/tools/jarsigner/Resources.class \
+	sun/security/tools/jarsigner/Resources_ja.class \
+	sun/security/tools/jarsigner/Resources_zh_CN.class \
+	sun/security/tools/jarsigner/SignatureFile\$$Block.class \
+	sun/security/tools/jarsigner/SignatureFile.class \
+	sun/security/tools/jarsigner/TimestampedSigner.class \
 	sun/rmi/rmic		\
 	sun/applet		\
 	sun/jvmstat		\
@@ -572,15 +572,15 @@
 	$(ECHO) "sun/tools/serialver/" >> $@
 	$(ECHO) "sun/tools/tree/" >> $@
 	$(ECHO) "sun/tools/util/" >> $@
-	$(ECHO) "sun/security/tools/JarBASE64Encoder.class" >> $@
-	$(ECHO) "sun/security/tools/JarSigner.class" >> $@
-	$(ECHO) "sun/security/tools/JarSignerParameters.class" >> $@
-	$(ECHO) "sun/security/tools/JarSignerResources.class" >> $@
-	$(ECHO) "sun/security/tools/JarSignerResources_ja.class" >> $@
-	$(ECHO) "sun/security/tools/JarSignerResources_zh_CN.class" >> $@
-	$(ECHO) "sun/security/tools/SignatureFile\$$Block.class" >> $@
-	$(ECHO) "sun/security/tools/SignatureFile.class" >> $@
-	$(ECHO) "sun/security/tools/TimestampedSigner.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/JarBASE64Encoder.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/Main.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/JarSignerParameters.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/Resources.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/Resources_ja.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/Resources_zh_CN.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/SignatureFile\$$Block.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/SignatureFile.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/TimestampedSigner.class" >> $@
 	$(ECHO) "sun/security/provider/Sun.class" >> $@
 	$(ECHO) "sun/security/rsa/SunRsaSign.class" >> $@
 	$(ECHO) "sun/security/ssl/" >> $@
--- a/jdk/make/launchers/Makefile	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/make/launchers/Makefile	Sun Oct 14 22:58:59 2012 +0100
@@ -58,7 +58,7 @@
 $(call make-launcher, extcheck, com.sun.tools.extcheck.Main, , )
 $(call make-launcher, idlj, com.sun.tools.corba.se.idl.toJavaPortable.Compile, , )
 $(call make-launcher, jar, sun.tools.jar.Main, , )
-$(call make-launcher, jarsigner, sun.security.tools.JarSigner, , )
+$(call make-launcher, jarsigner, sun.security.tools.jarsigner.Main, , )
 $(call make-launcher, javac, com.sun.tools.javac.Main, , )
 $(call make-launcher, javadoc, com.sun.tools.javadoc.Main, , )
 $(call make-launcher, javah, com.sun.tools.javah.Main, , )
--- a/jdk/make/sun/security/tools/Makefile	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/make/sun/security/tools/Makefile	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -37,7 +37,7 @@
 # Resources
 #
 LOCALE_SET_DEFINITION = jdk
-RESOURCE_BUNDLES_JAVA = sun/security/tools/JarSignerResources.java
+RESOURCE_BUNDLES_JAVA = sun/security/tools/jarsigner/Resources.java
 
 #
 # Rules
@@ -45,7 +45,7 @@
 include $(BUILDDIR)/common/Classes.gmk
 
 build:
-	$(call make-launcher, keytool, sun.security.tools.KeyTool, , )
+	$(call make-launcher, keytool, sun.security.tools.keytool.Main, , )
 ifndef BUILD_HEADLESS_ONLY
 	$(call make-launcher, policytool, sun.security.tools.policytool.PolicyTool, , )
 endif
--- a/jdk/makefiles/CompileLaunchers.gmk	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/makefiles/CompileLaunchers.gmk	Sun Oct 14 22:58:59 2012 +0100
@@ -232,7 +232,7 @@
     -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.tools.jar.Main"$(COMMA) }'))
 
 $(eval $(call SetupLauncher,jarsigner,\
-    -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.security.tools.JarSigner"$(COMMA) }'))
+    -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.security.tools.jarsigner.Main"$(COMMA) }'))
 
 $(eval $(call SetupLauncher,javac,\
     -DEXPAND_CLASSPATH_WILDCARDS \
@@ -310,7 +310,7 @@
     -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.tools.jstatd.Jstatd"$(COMMA) }'))
 
 $(eval $(call SetupLauncher,keytool,\
-    -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.security.tools.KeyTool"$(COMMA) }'))
+    -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.security.tools.keytool.Main"$(COMMA) }'))
 
 $(eval $(call SetupLauncher,native2ascii,\
     -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.tools.native2ascii.Main"$(COMMA) }'))
--- a/jdk/makefiles/CreateJars.gmk	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/makefiles/CreateJars.gmk	Sun Oct 14 22:58:59 2012 +0100
@@ -131,15 +131,15 @@
 	sun/tools/serialver \
 	sun/tools/tree \
 	sun/tools/util \
-	sun/security/tools/JarBASE64Encoder.class \
-	sun/security/tools/JarSigner.class \
-	sun/security/tools/JarSignerParameters.class \
-	sun/security/tools/JarSignerResources.class \
-	sun/security/tools/JarSignerResources_ja.class \
-	sun/security/tools/JarSignerResources_zh_CN.class \
-	sun/security/tools/SignatureFile\$$$$Block.class \
-	sun/security/tools/SignatureFile.class \
-	sun/security/tools/TimestampedSigner.class \
+	sun/security/tools/jarsigner/JarBASE64Encoder.class \
+	sun/security/tools/jarsigner/Main.class \
+	sun/security/tools/jarsigner/JarSignerParameters.class \
+	sun/security/tools/jarsigner/Resources.class \
+	sun/security/tools/jarsigner/Resources_ja.class \
+	sun/security/tools/jarsigner/Resources_zh_CN.class \
+	sun/security/tools/jarsigner/SignatureFile\$$$$Block.class \
+	sun/security/tools/jarsigner/SignatureFile.class \
+	sun/security/tools/jarsigner/TimestampedSigner.class \
 	sun/security/provider/Sun.class \
 	sun/security/rsa/SunRsaSign.class \
 	sun/security/ssl \
--- a/jdk/src/share/classes/sun/security/tools/CertAndKeyGen.java	Sat Oct 13 10:15:57 2012 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,328 +0,0 @@
-/*
- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.security.tools;
-
-import java.io.IOException;
-import java.security.cert.X509Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateEncodingException;
-import java.security.*;
-import java.util.Date;
-
-import sun.security.pkcs10.PKCS10;
-import sun.security.x509.*;
-
-
-/**
- * Generate a pair of keys, and provide access to them.  This class is
- * provided primarily for ease of use.
- *
- * <P>This provides some simple certificate management functionality.
- * Specifically, it allows you to create self-signed X.509 certificates
- * as well as PKCS 10 based certificate signing requests.
- *
- * <P>Keys for some public key signature algorithms have algorithm
- * parameters, such as DSS/DSA.  Some sites' Certificate Authorities
- * adopt fixed algorithm parameters, which speeds up some operations
- * including key generation and signing.  <em>At this time, this interface
- * does not provide a way to provide such algorithm parameters, e.g.
- * by providing the CA certificate which includes those parameters.</em>
- *
- * <P>Also, note that at this time only signature-capable keys may be
- * acquired through this interface.  Diffie-Hellman keys, used for secure
- * key exchange, may be supported later.
- *
- * @author David Brownell
- * @author Hemma Prafullchandra
- * @see PKCS10
- * @see X509CertImpl
- */
-public final class CertAndKeyGen {
-    /**
-     * Creates a CertAndKeyGen object for a particular key type
-     * and signature algorithm.
-     *
-     * @param keyType type of key, e.g. "RSA", "DSA"
-     * @param sigAlg name of the signature algorithm, e.g. "MD5WithRSA",
-     *          "MD2WithRSA", "SHAwithDSA".
-     * @exception NoSuchAlgorithmException on unrecognized algorithms.
-     */
-    public CertAndKeyGen (String keyType, String sigAlg)
-    throws NoSuchAlgorithmException
-    {
-        keyGen = KeyPairGenerator.getInstance(keyType);
-        this.sigAlg = sigAlg;
-    }
-
-    /**
-     * Creates a CertAndKeyGen object for a particular key type,
-     * signature algorithm, and provider.
-     *
-     * @param keyType type of key, e.g. "RSA", "DSA"
-     * @param sigAlg name of the signature algorithm, e.g. "MD5WithRSA",
-     *          "MD2WithRSA", "SHAwithDSA".
-     * @param providerName name of the provider
-     * @exception NoSuchAlgorithmException on unrecognized algorithms.
-     * @exception NoSuchProviderException on unrecognized providers.
-     */
-    public CertAndKeyGen (String keyType, String sigAlg, String providerName)
-    throws NoSuchAlgorithmException, NoSuchProviderException
-    {
-        if (providerName == null) {
-            keyGen = KeyPairGenerator.getInstance(keyType);
-        } else {
-            try {
-                keyGen = KeyPairGenerator.getInstance(keyType, providerName);
-            } catch (Exception e) {
-                // try first available provider instead
-                keyGen = KeyPairGenerator.getInstance(keyType);
-            }
-        }
-        this.sigAlg = sigAlg;
-    }
-
-    /**
-     * Sets the source of random numbers used when generating keys.
-     * If you do not provide one, a system default facility is used.
-     * You may wish to provide your own source of random numbers
-     * to get a reproducible sequence of keys and signatures, or
-     * because you may be able to take advantage of strong sources
-     * of randomness/entropy in your environment.
-     */
-    public void         setRandom (SecureRandom generator)
-    {
-        prng = generator;
-    }
-
-    // want "public void generate (X509Certificate)" ... inherit DSA/D-H param
-
-    /**
-     * Generates a random public/private key pair, with a given key
-     * size.  Different algorithms provide different degrees of security
-     * for the same key size, because of the "work factor" involved in
-     * brute force attacks.  As computers become faster, it becomes
-     * easier to perform such attacks.  Small keys are to be avoided.
-     *
-     * <P>Note that not all values of "keyBits" are valid for all
-     * algorithms, and not all public key algorithms are currently
-     * supported for use in X.509 certificates.  If the algorithm
-     * you specified does not produce X.509 compatible keys, an
-     * invalid key exception is thrown.
-     *
-     * @param keyBits the number of bits in the keys.
-     * @exception InvalidKeyException if the environment does not
-     *  provide X.509 public keys for this signature algorithm.
-     */
-    public void generate (int keyBits)
-    throws InvalidKeyException
-    {
-        KeyPair pair;
-
-        try {
-            if (prng == null) {
-                prng = new SecureRandom();
-            }
-            keyGen.initialize(keyBits, prng);
-            pair = keyGen.generateKeyPair();
-
-        } catch (Exception e) {
-            throw new IllegalArgumentException(e.getMessage());
-        }
-
-        publicKey = pair.getPublic();
-        privateKey = pair.getPrivate();
-
-        // publicKey's format must be X.509 otherwise
-        // the whole CertGen part of this class is broken.
-        if (!"X.509".equalsIgnoreCase(publicKey.getFormat())) {
-            throw new IllegalArgumentException("publicKey's is not X.509, but "
-                    + publicKey.getFormat());
-        }
-    }
-
-
-    /**
-     * Returns the public key of the generated key pair if it is of type
-     * <code>X509Key</code>, or null if the public key is of a different type.
-     *
-     * XXX Note: This behaviour is needed for backwards compatibility.
-     * What this method really should return is the public key of the
-     * generated key pair, regardless of whether or not it is an instance of
-     * <code>X509Key</code>. Accordingly, the return type of this method
-     * should be <code>PublicKey</code>.
-     */
-    public X509Key getPublicKey()
-    {
-        if (!(publicKey instanceof X509Key)) {
-            return null;
-        }
-        return (X509Key)publicKey;
-    }
-
-    /**
-     * Always returns the public key of the generated key pair. Used
-     * by KeyTool only.
-     *
-     * The publicKey is not necessarily to be an instance of
-     * X509Key in some JCA/JCE providers, for example SunPKCS11.
-     */
-    public PublicKey getPublicKeyAnyway() {
-        return publicKey;
-    }
-
-    /**
-     * Returns the private key of the generated key pair.
-     *
-     * <P><STRONG><em>Be extremely careful when handling private keys.
-     * When private keys are not kept secret, they lose their ability
-     * to securely authenticate specific entities ... that is a huge
-     * security risk!</em></STRONG>
-     */
-    public PrivateKey getPrivateKey ()
-    {
-        return privateKey;
-    }
-
-    /**
-     * Returns a self-signed X.509v3 certificate for the public key.
-     * The certificate is immediately valid. No extensions.
-     *
-     * <P>Such certificates normally are used to identify a "Certificate
-     * Authority" (CA).  Accordingly, they will not always be accepted by
-     * other parties.  However, such certificates are also useful when
-     * you are bootstrapping your security infrastructure, or deploying
-     * system prototypes.
-     *
-     * @param myname X.500 name of the subject (who is also the issuer)
-     * @param firstDate the issue time of the certificate
-     * @param validity how long the certificate should be valid, in seconds
-     * @exception CertificateException on certificate handling errors.
-     * @exception InvalidKeyException on key handling errors.
-     * @exception SignatureException on signature handling errors.
-     * @exception NoSuchAlgorithmException on unrecognized algorithms.
-     * @exception NoSuchProviderException on unrecognized providers.
-     */
-    public X509Certificate getSelfCertificate (
-            X500Name myname, Date firstDate, long validity)
-    throws CertificateException, InvalidKeyException, SignatureException,
-        NoSuchAlgorithmException, NoSuchProviderException
-    {
-        return getSelfCertificate(myname, firstDate, validity, null);
-    }
-
-    // Like above, plus a CertificateExtensions argument, which can be null.
-    public X509Certificate getSelfCertificate (X500Name myname, Date firstDate,
-            long validity, CertificateExtensions ext)
-    throws CertificateException, InvalidKeyException, SignatureException,
-        NoSuchAlgorithmException, NoSuchProviderException
-    {
-        X509CertImpl    cert;
-        Date            lastDate;
-
-        try {
-            lastDate = new Date ();
-            lastDate.setTime (firstDate.getTime () + validity * 1000);
-
-            CertificateValidity interval =
-                                   new CertificateValidity(firstDate,lastDate);
-
-            X509CertInfo info = new X509CertInfo();
-            // Add all mandatory attributes
-            info.set(X509CertInfo.VERSION,
-                     new CertificateVersion(CertificateVersion.V3));
-            info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(
-                    new java.util.Random().nextInt() & 0x7fffffff));
-            AlgorithmId algID = AlgorithmId.get(sigAlg);
-            info.set(X509CertInfo.ALGORITHM_ID,
-                     new CertificateAlgorithmId(algID));
-            info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(myname));
-            info.set(X509CertInfo.KEY, new CertificateX509Key(publicKey));
-            info.set(X509CertInfo.VALIDITY, interval);
-            info.set(X509CertInfo.ISSUER, new CertificateIssuerName(myname));
-            if (ext != null) info.set(X509CertInfo.EXTENSIONS, ext);
-
-            cert = new X509CertImpl(info);
-            cert.sign(privateKey, this.sigAlg);
-
-            return (X509Certificate)cert;
-
-        } catch (IOException e) {
-             throw new CertificateEncodingException("getSelfCert: " +
-                                                    e.getMessage());
-        }
-    }
-
-    // Keep the old method
-    public X509Certificate getSelfCertificate (X500Name myname, long validity)
-    throws CertificateException, InvalidKeyException, SignatureException,
-        NoSuchAlgorithmException, NoSuchProviderException
-    {
-        return getSelfCertificate(myname, new Date(), validity);
-    }
-
-    /**
-     * Returns a PKCS #10 certificate request.  The caller uses either
-     * <code>PKCS10.print</code> or <code>PKCS10.toByteArray</code>
-     * operations on the result, to get the request in an appropriate
-     * transmission format.
-     *
-     * <P>PKCS #10 certificate requests are sent, along with some proof
-     * of identity, to Certificate Authorities (CAs) which then issue
-     * X.509 public key certificates.
-     *
-     * @param myname X.500 name of the subject
-     * @exception InvalidKeyException on key handling errors.
-     * @exception SignatureException on signature handling errors.
-     */
-    public PKCS10 getCertRequest (X500Name myname)
-    throws InvalidKeyException, SignatureException
-    {
-        PKCS10  req = new PKCS10 (publicKey);
-
-        try {
-            Signature signature = Signature.getInstance(sigAlg);
-            signature.initSign (privateKey);
-            req.encodeAndSign(myname, signature);
-
-        } catch (CertificateException e) {
-            throw new SignatureException (sigAlg + " CertificateException");
-
-        } catch (IOException e) {
-            throw new SignatureException (sigAlg + " IOException");
-
-        } catch (NoSuchAlgorithmException e) {
-            // "can't happen"
-            throw new SignatureException (sigAlg + " unavailable?");
-        }
-        return req;
-    }
-
-    private SecureRandom        prng;
-    private String              sigAlg;
-    private KeyPairGenerator    keyGen;
-    private PublicKey           publicKey;
-    private PrivateKey          privateKey;
-}
--- a/jdk/src/share/classes/sun/security/tools/JarSigner.java	Sat Oct 13 10:15:57 2012 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,2467 +0,0 @@
-/*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.security.tools;
-
-import java.io.*;
-import java.util.*;
-import java.util.zip.*;
-import java.util.jar.*;
-import java.math.BigInteger;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.text.Collator;
-import java.text.MessageFormat;
-import java.security.cert.Certificate;
-import java.security.cert.X509Certificate;
-import java.security.cert.CertificateException;
-import java.security.*;
-import java.lang.reflect.Constructor;
-
-import com.sun.jarsigner.ContentSigner;
-import com.sun.jarsigner.ContentSignerParameters;
-import java.net.SocketTimeoutException;
-import java.net.URL;
-import java.net.URLClassLoader;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathValidator;
-import java.security.cert.CertificateExpiredException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CertificateNotYetValidException;
-import java.security.cert.PKIXParameters;
-import java.security.cert.TrustAnchor;
-import java.util.Map.Entry;
-import sun.security.x509.*;
-import sun.security.util.*;
-import sun.misc.BASE64Encoder;
-
-
-/**
- * <p>The jarsigner utility.
- *
- * The exit codes for the main method are:
- *
- * 0: success
- * 1: any error that the jar cannot be signed or verified, including:
- *      keystore loading error
- *      TSP communication error
- *      jarsigner command line error...
- * otherwise: error codes from -strict
- *
- * @author Roland Schemers
- * @author Jan Luehe
- */
-
-public class JarSigner {
-
-    // for i18n
-    private static final java.util.ResourceBundle rb =
-        java.util.ResourceBundle.getBundle
-        ("sun.security.tools.JarSignerResources");
-    private static final Collator collator = Collator.getInstance();
-    static {
-        // this is for case insensitive string comparisions
-        collator.setStrength(Collator.PRIMARY);
-    }
-
-    private static final String META_INF = "META-INF/";
-
-    // prefix for new signature-related files in META-INF directory
-    private static final String SIG_PREFIX = META_INF + "SIG-";
-
-    private static final Class[] PARAM_STRING = { String.class };
-
-    private static final String NONE = "NONE";
-    private static final String P11KEYSTORE = "PKCS11";
-
-    private static final long SIX_MONTHS = 180*24*60*60*1000L; //milliseconds
-
-    // Attention:
-    // This is the entry that get launched by the security tool jarsigner.
-    public static void main(String args[]) throws Exception {
-        JarSigner js = new JarSigner();
-        js.run(args);
-    }
-
-    static final String VERSION = "1.0";
-
-    static final int IN_KEYSTORE = 0x01;        // signer is in keystore
-    static final int IN_SCOPE = 0x02;
-    static final int NOT_ALIAS = 0x04;          // alias list is NOT empty and
-                                                // signer is not in alias list
-    static final int SIGNED_BY_ALIAS = 0x08;    // signer is in alias list
-
-    X509Certificate[] certChain;    // signer's cert chain (when composing)
-    PrivateKey privateKey;          // private key
-    KeyStore store;                 // the keystore specified by -keystore
-                                    // or the default keystore, never null
-
-    String keystore; // key store file
-    boolean nullStream = false; // null keystore input stream (NONE)
-    boolean token = false; // token-based keystore
-    String jarfile;  // jar files to sign or verify
-    String alias;    // alias to sign jar with
-    List<String> ckaliases = new ArrayList<>(); // aliases in -verify
-    char[] storepass; // keystore password
-    boolean protectedPath; // protected authentication path
-    String storetype; // keystore type
-    String providerName; // provider name
-    Vector<String> providers = null; // list of providers
-    // arguments for provider constructors
-    HashMap<String,String> providerArgs = new HashMap<>();
-    char[] keypass; // private key password
-    String sigfile; // name of .SF file
-    String sigalg; // name of signature algorithm
-    String digestalg = "SHA-256"; // name of digest algorithm
-    String signedjar; // output filename
-    String tsaUrl; // location of the Timestamping Authority
-    String tsaAlias; // alias for the Timestamping Authority's certificate
-    String altCertChain; // file to read alternative cert chain from
-    boolean verify = false; // verify the jar
-    String verbose = null; // verbose output when signing/verifying
-    boolean showcerts = false; // show certs when verifying
-    boolean debug = false; // debug
-    boolean signManifest = true; // "sign" the whole manifest
-    boolean externalSF = true; // leave the .SF out of the PKCS7 block
-    boolean strict = false;  // treat warnings as error
-
-    // read zip entry raw bytes
-    private ByteArrayOutputStream baos = new ByteArrayOutputStream(2048);
-    private byte[] buffer = new byte[8192];
-    private ContentSigner signingMechanism = null;
-    private String altSignerClass = null;
-    private String altSignerClasspath = null;
-    private ZipFile zipFile = null;
-
-    private boolean hasExpiredCert = false;
-    private boolean hasExpiringCert = false;
-    private boolean notYetValidCert = false;
-    private boolean chainNotValidated = false;
-    private boolean notSignedByAlias = false;
-    private boolean aliasNotInStore = false;
-    private boolean hasUnsignedEntry = false;
-    private boolean badKeyUsage = false;
-    private boolean badExtendedKeyUsage = false;
-    private boolean badNetscapeCertType = false;
-
-    CertificateFactory certificateFactory;
-    CertPathValidator validator;
-    PKIXParameters pkixParameters;
-
-    public void run(String args[]) {
-        try {
-            parseArgs(args);
-
-            // Try to load and install the specified providers
-            if (providers != null) {
-                ClassLoader cl = ClassLoader.getSystemClassLoader();
-                Enumeration<String> e = providers.elements();
-                while (e.hasMoreElements()) {
-                    String provName = e.nextElement();
-                    Class<?> provClass;
-                    if (cl != null) {
-                        provClass = cl.loadClass(provName);
-                    } else {
-                        provClass = Class.forName(provName);
-                    }
-
-                    String provArg = providerArgs.get(provName);
-                    Object obj;
-                    if (provArg == null) {
-                        obj = provClass.newInstance();
-                    } else {
-                        Constructor<?> c =
-                                provClass.getConstructor(PARAM_STRING);
-                        obj = c.newInstance(provArg);
-                    }
-
-                    if (!(obj instanceof Provider)) {
-                        MessageFormat form = new MessageFormat(rb.getString
-                            ("provName.not.a.provider"));
-                        Object[] source = {provName};
-                        throw new Exception(form.format(source));
-                    }
-                    Security.addProvider((Provider)obj);
-                }
-            }
-
-            if (verify) {
-                try {
-                    loadKeyStore(keystore, false);
-                } catch (Exception e) {
-                    if ((keystore != null) || (storepass != null)) {
-                        System.out.println(rb.getString("jarsigner.error.") +
-                                        e.getMessage());
-                        System.exit(1);
-                    }
-                }
-                /*              if (debug) {
-                    SignatureFileVerifier.setDebug(true);
-                    ManifestEntryVerifier.setDebug(true);
-                }
-                */
-                verifyJar(jarfile);
-            } else {
-                loadKeyStore(keystore, true);
-                getAliasInfo(alias);
-
-                // load the alternative signing mechanism
-                if (altSignerClass != null) {
-                    signingMechanism = loadSigningMechanism(altSignerClass,
-                        altSignerClasspath);
-                }
-                signJar(jarfile, alias, args);
-            }
-        } catch (Exception e) {
-            System.out.println(rb.getString("jarsigner.error.") + e);
-            if (debug) {
-                e.printStackTrace();
-            }
-            System.exit(1);
-        } finally {
-            // zero-out private key password
-            if (keypass != null) {
-                Arrays.fill(keypass, ' ');
-                keypass = null;
-            }
-            // zero-out keystore password
-            if (storepass != null) {
-                Arrays.fill(storepass, ' ');
-                storepass = null;
-            }
-        }
-
-        if (strict) {
-            int exitCode = 0;
-            if (hasExpiringCert) {
-                exitCode |= 2;
-            }
-            if (chainNotValidated || hasExpiredCert || notYetValidCert) {
-                exitCode |= 4;
-            }
-            if (badKeyUsage || badExtendedKeyUsage || badNetscapeCertType) {
-                exitCode |= 8;
-            }
-            if (hasUnsignedEntry) {
-                exitCode |= 16;
-            }
-            if (notSignedByAlias || aliasNotInStore) {
-                exitCode |= 32;
-            }
-            if (exitCode != 0) {
-                System.exit(exitCode);
-            }
-        }
-    }
-
-    /*
-     * Parse command line arguments.
-     */
-    void parseArgs(String args[]) {
-        /* parse flags */
-        int n = 0;
-
-        if (args.length == 0) fullusage();
-        for (n=0; n < args.length; n++) {
-
-            String flags = args[n];
-            String modifier = null;
-            if (flags.charAt(0) == '-') {
-                int pos = flags.indexOf(':');
-                if (pos > 0) {
-                    modifier = flags.substring(pos+1);
-                    flags = flags.substring(0, pos);
-                }
-            }
-
-            if (collator.compare(flags, "-keystore") == 0) {
-                if (++n == args.length) usageNoArg();
-                keystore = args[n];
-            } else if (collator.compare(flags, "-storepass") ==0) {
-                if (++n == args.length) usageNoArg();
-                storepass = getPass(modifier, args[n]);
-            } else if (collator.compare(flags, "-storetype") ==0) {
-                if (++n == args.length) usageNoArg();
-                storetype = args[n];
-            } else if (collator.compare(flags, "-providerName") ==0) {
-                if (++n == args.length) usageNoArg();
-                providerName = args[n];
-            } else if ((collator.compare(flags, "-provider") == 0) ||
-                        (collator.compare(flags, "-providerClass") == 0)) {
-                if (++n == args.length) usageNoArg();
-                if (providers == null) {
-                    providers = new Vector<String>(3);
-                }
-                providers.add(args[n]);
-
-                if (args.length > (n+1)) {
-                    flags = args[n+1];
-                    if (collator.compare(flags, "-providerArg") == 0) {
-                        if (args.length == (n+2)) usageNoArg();
-                        providerArgs.put(args[n], args[n+2]);
-                        n += 2;
-                    }
-                }
-            } else if (collator.compare(flags, "-protected") ==0) {
-                protectedPath = true;
-            } else if (collator.compare(flags, "-certchain") ==0) {
-                if (++n == args.length) usageNoArg();
-                altCertChain = args[n];
-            } else if (collator.compare(flags, "-debug") ==0) {
-                debug = true;
-            } else if (collator.compare(flags, "-keypass") ==0) {
-                if (++n == args.length) usageNoArg();
-                keypass = getPass(modifier, args[n]);
-            } else if (collator.compare(flags, "-sigfile") ==0) {
-                if (++n == args.length) usageNoArg();
-                sigfile = args[n];
-            } else if (collator.compare(flags, "-signedjar") ==0) {
-                if (++n == args.length) usageNoArg();
-                signedjar = args[n];
-            } else if (collator.compare(flags, "-tsa") ==0) {
-                if (++n == args.length) usageNoArg();
-                tsaUrl = args[n];
-            } else if (collator.compare(flags, "-tsacert") ==0) {
-                if (++n == args.length) usageNoArg();
-                tsaAlias = args[n];
-            } else if (collator.compare(flags, "-altsigner") ==0) {
-                if (++n == args.length) usageNoArg();
-                altSignerClass = args[n];
-            } else if (collator.compare(flags, "-altsignerpath") ==0) {
-                if (++n == args.length) usageNoArg();
-                altSignerClasspath = args[n];
-            } else if (collator.compare(flags, "-sectionsonly") ==0) {
-                signManifest = false;
-            } else if (collator.compare(flags, "-internalsf") ==0) {
-                externalSF = false;
-            } else if (collator.compare(flags, "-verify") ==0) {
-                verify = true;
-            } else if (collator.compare(flags, "-verbose") ==0) {
-                verbose = (modifier != null) ? modifier : "all";
-            } else if (collator.compare(flags, "-sigalg") ==0) {
-                if (++n == args.length) usageNoArg();
-                sigalg = args[n];
-            } else if (collator.compare(flags, "-digestalg") ==0) {
-                if (++n == args.length) usageNoArg();
-                digestalg = args[n];
-            } else if (collator.compare(flags, "-certs") ==0) {
-                showcerts = true;
-            } else if (collator.compare(flags, "-strict") ==0) {
-                strict = true;
-            } else if (collator.compare(flags, "-h") == 0 ||
-                        collator.compare(flags, "-help") == 0) {
-                fullusage();
-            } else {
-                if (!flags.startsWith("-")) {
-                    if (jarfile == null) {
-                        jarfile = flags;
-                    } else {
-                        alias = flags;
-                        ckaliases.add(alias);
-                    }
-                } else {
-                    System.err.println(
-                            rb.getString("Illegal.option.") + flags);
-                    usage();
-                }
-            }
-        }
-
-        // -certs must always be specified with -verbose
-        if (verbose == null) showcerts = false;
-
-        if (jarfile == null) {
-            System.err.println(rb.getString("Please.specify.jarfile.name"));
-            usage();
-        }
-        if (!verify && alias == null) {
-            System.err.println(rb.getString("Please.specify.alias.name"));
-            usage();
-        }
-        if (!verify && ckaliases.size() > 1) {
-            System.err.println(rb.getString("Only.one.alias.can.be.specified"));
-            usage();
-        }
-
-        if (storetype == null) {
-            storetype = KeyStore.getDefaultType();
-        }
-        storetype = KeyStoreUtil.niceStoreTypeName(storetype);
-
-        try {
-            if (signedjar != null && new File(signedjar).getCanonicalPath().equals(
-                    new File(jarfile).getCanonicalPath())) {
-                signedjar = null;
-            }
-        } catch (IOException ioe) {
-            // File system error?
-            // Just ignore it.
-        }
-
-        if (P11KEYSTORE.equalsIgnoreCase(storetype) ||
-                KeyStoreUtil.isWindowsKeyStore(storetype)) {
-            token = true;
-            if (keystore == null) {
-                keystore = NONE;
-            }
-        }
-
-        if (NONE.equals(keystore)) {
-            nullStream = true;
-        }
-
-        if (token && !nullStream) {
-            System.err.println(MessageFormat.format(rb.getString
-                (".keystore.must.be.NONE.if.storetype.is.{0}"), storetype));
-            usage();
-        }
-
-        if (token && keypass != null) {
-            System.err.println(MessageFormat.format(rb.getString
-                (".keypass.can.not.be.specified.if.storetype.is.{0}"), storetype));
-            usage();
-        }
-
-        if (protectedPath) {
-            if (storepass != null || keypass != null) {
-                System.err.println(rb.getString
-                        ("If.protected.is.specified.then.storepass.and.keypass.must.not.be.specified"));
-                usage();
-            }
-        }
-        if (KeyStoreUtil.isWindowsKeyStore(storetype)) {
-            if (storepass != null || keypass != null) {
-                System.err.println(rb.getString
-                        ("If.keystore.is.not.password.protected.then.storepass.and.keypass.must.not.be.specified"));
-                usage();
-            }
-        }
-    }
-
-    static char[] getPass(String modifier, String arg) {
-        char[] output = KeyTool.getPassWithModifier(modifier, arg);
-        if (output != null) return output;
-        usage();
-        return null;    // Useless, usage() already exit
-    }
-
-    static void usageNoArg() {
-        System.out.println(rb.getString("Option.lacks.argument"));
-        usage();
-    }
-
-    static void usage() {
-        System.out.println();
-        System.out.println(rb.getString("Please.type.jarsigner.help.for.usage"));
-        System.exit(1);
-    }
-
-    static void fullusage() {
-        System.out.println(rb.getString
-                ("Usage.jarsigner.options.jar.file.alias"));
-        System.out.println(rb.getString
-                (".jarsigner.verify.options.jar.file.alias."));
-        System.out.println();
-        System.out.println(rb.getString
-                (".keystore.url.keystore.location"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".storepass.password.password.for.keystore.integrity"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".storetype.type.keystore.type"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".keypass.password.password.for.private.key.if.different."));
-        System.out.println();
-        System.out.println(rb.getString
-                (".certchain.file.name.of.alternative.certchain.file"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".sigfile.file.name.of.SF.DSA.file"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".signedjar.file.name.of.signed.JAR.file"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".digestalg.algorithm.name.of.digest.algorithm"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".sigalg.algorithm.name.of.signature.algorithm"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".verify.verify.a.signed.JAR.file"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".verbose.suboptions.verbose.output.when.signing.verifying."));
-        System.out.println(rb.getString
-                (".suboptions.can.be.all.grouped.or.summary"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".certs.display.certificates.when.verbose.and.verifying"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".tsa.url.location.of.the.Timestamping.Authority"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".tsacert.alias.public.key.certificate.for.Timestamping.Authority"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".altsigner.class.class.name.of.an.alternative.signing.mechanism"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".internalsf.include.the.SF.file.inside.the.signature.block"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".sectionsonly.don.t.compute.hash.of.entire.manifest"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".protected.keystore.has.protected.authentication.path"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".providerName.name.provider.name"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".providerClass.class.name.of.cryptographic.service.provider.s"));
-        System.out.println(rb.getString
-                (".providerArg.arg.master.class.file.and.constructor.argument"));
-        System.out.println();
-        System.out.println(rb.getString
-                (".strict.treat.warnings.as.errors"));
-        System.out.println();
-
-        System.exit(0);
-    }
-
-    void verifyJar(String jarName)
-        throws Exception
-    {
-        boolean anySigned = false;  // if there exists entry inside jar signed
-        JarFile jf = null;
-
-        try {
-            jf = new JarFile(jarName, true);
-            Vector<JarEntry> entriesVec = new Vector<>();
-            byte[] buffer = new byte[8192];
-
-            Enumeration<JarEntry> entries = jf.entries();
-            while (entries.hasMoreElements()) {
-                JarEntry je = entries.nextElement();
-                entriesVec.addElement(je);
-                InputStream is = null;
-                try {
-                    is = jf.getInputStream(je);
-                    int n;
-                    while ((n = is.read(buffer, 0, buffer.length)) != -1) {
-                        // we just read. this will throw a SecurityException
-                        // if  a signature/digest check fails.
-                    }
-                } finally {
-                    if (is != null) {
-                        is.close();
-                    }
-                }
-            }
-
-            Manifest man = jf.getManifest();
-
-            // The map to record display info, only used when -verbose provided
-            //      key: signer info string
-            //      value: the list of files with common key
-            Map<String,List<String>> output = new LinkedHashMap<>();
-
-            if (man != null) {
-                if (verbose != null) System.out.println();
-                Enumeration<JarEntry> e = entriesVec.elements();
-
-                String tab = rb.getString("6SPACE");
-
-                while (e.hasMoreElements()) {
-                    JarEntry je = e.nextElement();
-                    String name = je.getName();
-                    CodeSigner[] signers = je.getCodeSigners();
-                    boolean isSigned = (signers != null);
-                    anySigned |= isSigned;
-                    hasUnsignedEntry |= !je.isDirectory() && !isSigned
-                                        && !signatureRelated(name);
-
-                    int inStoreOrScope = inKeyStore(signers);
-
-                    boolean inStore = (inStoreOrScope & IN_KEYSTORE) != 0;
-                    boolean inScope = (inStoreOrScope & IN_SCOPE) != 0;
-
-                    notSignedByAlias |= (inStoreOrScope & NOT_ALIAS) != 0;
-                    if (keystore != null) {
-                        aliasNotInStore |= isSigned && (!inStore && !inScope);
-                    }
-
-                    // Only used when -verbose provided
-                    StringBuffer sb = null;
-                    if (verbose != null) {
-                        sb = new StringBuffer();
-                        boolean inManifest =
-                            ((man.getAttributes(name) != null) ||
-                             (man.getAttributes("./"+name) != null) ||
-                             (man.getAttributes("/"+name) != null));
-                        sb.append(
-                          (isSigned ? rb.getString("s") : rb.getString("SPACE")) +
-                          (inManifest ? rb.getString("m") : rb.getString("SPACE")) +
-                          (inStore ? rb.getString("k") : rb.getString("SPACE")) +
-                          (inScope ? rb.getString("i") : rb.getString("SPACE")) +
-                          ((inStoreOrScope & NOT_ALIAS) != 0 ?"X":" ") +
-                          rb.getString("SPACE"));
-                        sb.append("|");
-                    }
-
-                    // When -certs provided, display info has extra empty
-                    // lines at the beginning and end.
-                    if (isSigned) {
-                        if (showcerts) sb.append('\n');
-                        for (CodeSigner signer: signers) {
-                            // signerInfo() must be called even if -verbose
-                            // not provided. The method updates various
-                            // warning flags.
-                            String si = signerInfo(signer, tab);
-                            if (showcerts) {
-                                sb.append(si);
-                                sb.append('\n');
-                            }
-                        }
-                    } else if (showcerts && !verbose.equals("all")) {
-                        // Print no info for unsigned entries when -verbose:all,
-                        // to be consistent with old behavior.
-                        if (signatureRelated(name)) {
-                            sb.append("\n" + tab + rb.getString(
-                                    ".Signature.related.entries.") + "\n\n");
-                        } else {
-                            sb.append("\n" + tab + rb.getString(
-                                    ".Unsigned.entries.") + "\n\n");
-                        }
-                    }
-
-                    if (verbose != null) {
-                        String label = sb.toString();
-                        if (signatureRelated(name)) {
-                            // Entries inside META-INF and other unsigned
-                            // entries are grouped separately.
-                            label = "-" + label;
-                        }
-
-                        // The label finally contains 2 parts separated by '|':
-                        // The legend displayed before the entry names, and
-                        // the cert info (if -certs specfied).
-
-                        if (!output.containsKey(label)) {
-                            output.put(label, new ArrayList<String>());
-                        }
-
-                        StringBuffer fb = new StringBuffer();
-                        String s = Long.toString(je.getSize());
-                        for (int i = 6 - s.length(); i > 0; --i) {
-                            fb.append(' ');
-                        }
-                        fb.append(s).append(' ').
-                                append(new Date(je.getTime()).toString());
-                        fb.append(' ').append(name);
-
-                        output.get(label).add(fb.toString());
-                    }
-                }
-            }
-            if (verbose != null) {
-                for (Entry<String,List<String>> s: output.entrySet()) {
-                    List<String> files = s.getValue();
-                    String key = s.getKey();
-                    if (key.charAt(0) == '-') { // the signature-related group
-                        key = key.substring(1);
-                    }
-                    int pipe = key.indexOf('|');
-                    if (verbose.equals("all")) {
-                        for (String f: files) {
-                            System.out.println(key.substring(0, pipe) + f);
-                            System.out.printf(key.substring(pipe+1));
-                        }
-                    } else {
-                        if (verbose.equals("grouped")) {
-                            for (String f: files) {
-                                System.out.println(key.substring(0, pipe) + f);
-                            }
-                        } else if (verbose.equals("summary")) {
-                            System.out.print(key.substring(0, pipe));
-                            if (files.size() > 1) {
-                                System.out.println(files.get(0) + " " +
-                                        String.format(rb.getString(
-                                        ".and.d.more."), files.size()-1));
-                            } else {
-                                System.out.println(files.get(0));
-                            }
-                        }
-                        System.out.printf(key.substring(pipe+1));
-                    }
-                }
-                System.out.println();
-                System.out.println(rb.getString(
-                    ".s.signature.was.verified."));
-                System.out.println(rb.getString(
-                    ".m.entry.is.listed.in.manifest"));
-                System.out.println(rb.getString(
-                    ".k.at.least.one.certificate.was.found.in.keystore"));
-                System.out.println(rb.getString(
-                    ".i.at.least.one.certificate.was.found.in.identity.scope"));
-                if (ckaliases.size() > 0) {
-                    System.out.println(rb.getString(
-                        ".X.not.signed.by.specified.alias.es."));
-                }
-                System.out.println();
-            }
-            if (man == null)
-                System.out.println(rb.getString("no.manifest."));
-
-            if (!anySigned) {
-                System.out.println(rb.getString(
-                      "jar.is.unsigned.signatures.missing.or.not.parsable."));
-            } else {
-                System.out.println(rb.getString("jar.verified."));
-                if (hasUnsignedEntry || hasExpiredCert || hasExpiringCert ||
-                    badKeyUsage || badExtendedKeyUsage || badNetscapeCertType ||
-                    notYetValidCert || chainNotValidated ||
-                    aliasNotInStore || notSignedByAlias) {
-
-                    System.out.println();
-                    System.out.println(rb.getString("Warning."));
-                    if (badKeyUsage) {
-                        System.out.println(
-                            rb.getString("This.jar.contains.entries.whose.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing."));
-                    }
-
-                    if (badExtendedKeyUsage) {
-                        System.out.println(
-                            rb.getString("This.jar.contains.entries.whose.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing."));
-                    }
-
-                    if (badNetscapeCertType) {
-                        System.out.println(
-                            rb.getString("This.jar.contains.entries.whose.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing."));
-                    }
-
-                    if (hasUnsignedEntry) {
-                        System.out.println(rb.getString(
-                            "This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked."));
-                    }
-                    if (hasExpiredCert) {
-                        System.out.println(rb.getString(
-                            "This.jar.contains.entries.whose.signer.certificate.has.expired."));
-                    }
-                    if (hasExpiringCert) {
-                        System.out.println(rb.getString(
-                            "This.jar.contains.entries.whose.signer.certificate.will.expire.within.six.months."));
-                    }
-                    if (notYetValidCert) {
-                        System.out.println(rb.getString(
-                            "This.jar.contains.entries.whose.signer.certificate.is.not.yet.valid."));
-                    }
-
-                    if (chainNotValidated) {
-                        System.out.println(
-                                rb.getString("This.jar.contains.entries.whose.certificate.chain.is.not.validated."));
-                    }
-
-                    if (notSignedByAlias) {
-                        System.out.println(
-                                rb.getString("This.jar.contains.signed.entries.which.is.not.signed.by.the.specified.alias.es."));
-                    }
-
-                    if (aliasNotInStore) {
-                        System.out.println(rb.getString("This.jar.contains.signed.entries.that.s.not.signed.by.alias.in.this.keystore."));
-                    }
-                    if (! (verbose != null && showcerts)) {
-                        System.out.println();
-                        System.out.println(rb.getString(
-                            "Re.run.with.the.verbose.and.certs.options.for.more.details."));
-                    }
-                }
-            }
-            return;
-        } catch (Exception e) {
-            System.out.println(rb.getString("jarsigner.") + e);
-            if (debug) {
-                e.printStackTrace();
-            }
-        } finally { // close the resource
-            if (jf != null) {
-                jf.close();
-            }
-        }
-
-        System.exit(1);
-    }
-
-    private static MessageFormat validityTimeForm = null;
-    private static MessageFormat notYetTimeForm = null;
-    private static MessageFormat expiredTimeForm = null;
-    private static MessageFormat expiringTimeForm = null;
-
-    /*
-     * Display some details about a certificate:
-     *
-     * [<tab>] <cert-type> [", " <subject-DN>] [" (" <keystore-entry-alias> ")"]
-     * [<validity-period> | <expiry-warning>]
-     *
-     * Note: no newline character at the end
-     */
-    String printCert(String tab, Certificate c, boolean checkValidityPeriod,
-        Date timestamp, boolean checkUsage) {
-
-        StringBuilder certStr = new StringBuilder();
-        String space = rb.getString("SPACE");
-        X509Certificate x509Cert = null;
-
-        if (c instanceof X509Certificate) {
-            x509Cert = (X509Certificate) c;
-            certStr.append(tab).append(x509Cert.getType())
-                .append(rb.getString("COMMA"))
-                .append(x509Cert.getSubjectDN().getName());
-        } else {
-            certStr.append(tab).append(c.getType());
-        }
-
-        String alias = storeHash.get(c);
-        if (alias != null) {
-            certStr.append(space).append(alias);
-        }
-
-        if (checkValidityPeriod && x509Cert != null) {
-
-            certStr.append("\n").append(tab).append("[");
-            Date notAfter = x509Cert.getNotAfter();
-            try {
-                boolean printValidity = true;
-                if (timestamp == null) {
-                    x509Cert.checkValidity();
-                    // test if cert will expire within six months
-                    if (notAfter.getTime() < System.currentTimeMillis() + SIX_MONTHS) {
-                        hasExpiringCert = true;
-                        if (expiringTimeForm == null) {
-                            expiringTimeForm = new MessageFormat(
-                                rb.getString("certificate.will.expire.on"));
-                        }
-                        Object[] source = { notAfter };
-                        certStr.append(expiringTimeForm.format(source));
-                        printValidity = false;
-                    }
-                } else {
-                    x509Cert.checkValidity(timestamp);
-                }
-                if (printValidity) {
-                    if (validityTimeForm == null) {
-                        validityTimeForm = new MessageFormat(
-                            rb.getString("certificate.is.valid.from"));
-                    }
-                    Object[] source = { x509Cert.getNotBefore(), notAfter };
-                    certStr.append(validityTimeForm.format(source));
-                }
-            } catch (CertificateExpiredException cee) {
-                hasExpiredCert = true;
-
-                if (expiredTimeForm == null) {
-                    expiredTimeForm = new MessageFormat(
-                        rb.getString("certificate.expired.on"));
-                }
-                Object[] source = { notAfter };
-                certStr.append(expiredTimeForm.format(source));
-
-            } catch (CertificateNotYetValidException cnyve) {
-                notYetValidCert = true;
-
-                if (notYetTimeForm == null) {
-                    notYetTimeForm = new MessageFormat(
-                        rb.getString("certificate.is.not.valid.until"));
-                }
-                Object[] source = { x509Cert.getNotBefore() };
-                certStr.append(notYetTimeForm.format(source));
-            }
-            certStr.append("]");
-
-            if (checkUsage) {
-                boolean[] bad = new boolean[3];
-                checkCertUsage(x509Cert, bad);
-                if (bad[0] || bad[1] || bad[2]) {
-                    String x = "";
-                    if (bad[0]) {
-                        x ="KeyUsage";
-                    }
-                    if (bad[1]) {
-                        if (x.length() > 0) x = x + ", ";
-                        x = x + "ExtendedKeyUsage";
-                    }
-                    if (bad[2]) {
-                        if (x.length() > 0) x = x + ", ";
-                        x = x + "NetscapeCertType";
-                    }
-                    certStr.append("\n").append(tab)
-                        .append(MessageFormat.format(rb.getString(
-                        ".{0}.extension.does.not.support.code.signing."), x));
-                }
-            }
-        }
-        return certStr.toString();
-    }
-
-    private static MessageFormat signTimeForm = null;
-
-    private String printTimestamp(String tab, Timestamp timestamp) {
-
-        if (signTimeForm == null) {
-            signTimeForm =
-                new MessageFormat(rb.getString("entry.was.signed.on"));
-        }
-        Object[] source = { timestamp.getTimestamp() };
-
-        return new StringBuilder().append(tab).append("[")
-            .append(signTimeForm.format(source)).append("]").toString();
-    }
-
-    private Map<CodeSigner,Integer> cacheForInKS = new IdentityHashMap<>();
-
-    private int inKeyStoreForOneSigner(CodeSigner signer) {
-        if (cacheForInKS.containsKey(signer)) {
-            return cacheForInKS.get(signer);
-        }
-
-        boolean found = false;
-        int result = 0;
-        List<? extends Certificate> certs = signer.getSignerCertPath().getCertificates();
-        for (Certificate c : certs) {
-            String alias = storeHash.get(c);
-            if (alias != null) {
-                if (alias.startsWith("(")) {
-                    result |= IN_KEYSTORE;
-                } else if (alias.startsWith("[")) {
-                    result |= IN_SCOPE;
-                }
-                if (ckaliases.contains(alias.substring(1, alias.length() - 1))) {
-                    result |= SIGNED_BY_ALIAS;
-                }
-            } else {
-                if (store != null) {
-                    try {
-                        alias = store.getCertificateAlias(c);
-                    } catch (KeyStoreException kse) {
-                        // never happens, because keystore has been loaded
-                    }
-                    if (alias != null) {
-                        storeHash.put(c, "(" + alias + ")");
-                        found = true;
-                        result |= IN_KEYSTORE;
-                    }
-                }
-                if (ckaliases.contains(alias)) {
-                    result |= SIGNED_BY_ALIAS;
-                }
-            }
-        }
-        cacheForInKS.put(signer, result);
-        return result;
-    }
-
-    Hashtable<Certificate, String> storeHash = new Hashtable<>();
-
-    int inKeyStore(CodeSigner[] signers) {
-
-        if (signers == null)
-            return 0;
-
-        int output = 0;
-
-        for (CodeSigner signer: signers) {
-            int result = inKeyStoreForOneSigner(signer);
-            output |= result;
-        }
-        if (ckaliases.size() > 0 && (output & SIGNED_BY_ALIAS) == 0) {
-            output |= NOT_ALIAS;
-        }
-        return output;
-    }
-
-    void signJar(String jarName, String alias, String[] args)
-        throws Exception {
-        boolean aliasUsed = false;
-        X509Certificate tsaCert = null;
-
-        if (sigfile == null) {
-            sigfile = alias;
-            aliasUsed = true;
-        }
-
-        if (sigfile.length() > 8) {
-            sigfile = sigfile.substring(0, 8).toUpperCase(Locale.ENGLISH);
-        } else {
-            sigfile = sigfile.toUpperCase(Locale.ENGLISH);
-        }
-
-        StringBuilder tmpSigFile = new StringBuilder(sigfile.length());
-        for (int j = 0; j < sigfile.length(); j++) {
-            char c = sigfile.charAt(j);
-            if (!
-                ((c>= 'A' && c<= 'Z') ||
-                (c>= '0' && c<= '9') ||
-                (c == '-') ||
-                (c == '_'))) {
-                if (aliasUsed) {
-                    // convert illegal characters from the alias to be _'s
-                    c = '_';
-                } else {
-                 throw new
-                   RuntimeException(rb.getString
-                        ("signature.filename.must.consist.of.the.following.characters.A.Z.0.9.or."));
-                }
-            }
-            tmpSigFile.append(c);
-        }
-
-        sigfile = tmpSigFile.toString();
-
-        String tmpJarName;
-        if (signedjar == null) tmpJarName = jarName+".sig";
-        else tmpJarName = signedjar;
-
-        File jarFile = new File(jarName);
-        File signedJarFile = new File(tmpJarName);
-
-        // Open the jar (zip) file
-        try {
-            zipFile = new ZipFile(jarName);
-        } catch (IOException ioe) {
-            error(rb.getString("unable.to.open.jar.file.")+jarName, ioe);
-        }
-
-        FileOutputStream fos = null;
-        try {
-            fos = new FileOutputStream(signedJarFile);
-        } catch (IOException ioe) {
-            error(rb.getString("unable.to.create.")+tmpJarName, ioe);
-        }
-
-        PrintStream ps = new PrintStream(fos);
-        ZipOutputStream zos = new ZipOutputStream(ps);
-
-        /* First guess at what they might be - we don't xclude RSA ones. */
-        String sfFilename = (META_INF + sigfile + ".SF").toUpperCase(Locale.ENGLISH);
-        String bkFilename = (META_INF + sigfile + ".DSA").toUpperCase(Locale.ENGLISH);
-
-        Manifest manifest = new Manifest();
-        Map<String,Attributes> mfEntries = manifest.getEntries();
-
-        // The Attributes of manifest before updating
-        Attributes oldAttr = null;
-
-        boolean mfModified = false;
-        boolean mfCreated = false;
-        byte[] mfRawBytes = null;
-
-        try {
-            MessageDigest digests[] = { MessageDigest.getInstance(digestalg) };
-
-            // Check if manifest exists
-            ZipEntry mfFile;
-            if ((mfFile = getManifestFile(zipFile)) != null) {
-                // Manifest exists. Read its raw bytes.
-                mfRawBytes = getBytes(zipFile, mfFile);
-                manifest.read(new ByteArrayInputStream(mfRawBytes));
-                oldAttr = (Attributes)(manifest.getMainAttributes().clone());
-            } else {
-                // Create new manifest
-                Attributes mattr = manifest.getMainAttributes();
-                mattr.putValue(Attributes.Name.MANIFEST_VERSION.toString(),
-                               "1.0");
-                String javaVendor = System.getProperty("java.vendor");
-                String jdkVersion = System.getProperty("java.version");
-                mattr.putValue("Created-By", jdkVersion + " (" +javaVendor
-                               + ")");
-                mfFile = new ZipEntry(JarFile.MANIFEST_NAME);
-                mfCreated = true;
-            }
-
-            /*
-             * For each entry in jar
-             * (except for signature-related META-INF entries),
-             * do the following:
-             *
-             * - if entry is not contained in manifest, add it to manifest;
-             * - if entry is contained in manifest, calculate its hash and
-             *   compare it with the one in the manifest; if they are
-             *   different, replace the hash in the manifest with the newly
-             *   generated one. (This may invalidate existing signatures!)
-             */
-            BASE64Encoder encoder = new JarBASE64Encoder();
-            Vector<ZipEntry> mfFiles = new Vector<>();
-
-            boolean wasSigned = false;
-
-            for (Enumeration<? extends ZipEntry> enum_=zipFile.entries();
-                        enum_.hasMoreElements();) {
-                ZipEntry ze = enum_.nextElement();
-
-                if (ze.getName().startsWith(META_INF)) {
-                    // Store META-INF files in vector, so they can be written
-                    // out first
-                    mfFiles.addElement(ze);
-
-                    if (SignatureFileVerifier.isBlockOrSF(
-                            ze.getName().toUpperCase(Locale.ENGLISH))) {
-                        wasSigned = true;
-                    }
-
-                    if (signatureRelated(ze.getName())) {
-                        // ignore signature-related and manifest files
-                        continue;
-                    }
-                }
-
-                if (manifest.getAttributes(ze.getName()) != null) {
-                    // jar entry is contained in manifest, check and
-                    // possibly update its digest attributes
-                    if (updateDigests(ze, zipFile, digests, encoder,
-                                      manifest) == true) {
-                        mfModified = true;
-                    }
-                } else if (!ze.isDirectory()) {
-                    // Add entry to manifest
-                    Attributes attrs = getDigestAttributes(ze, zipFile,
-                                                           digests,
-                                                           encoder);
-                    mfEntries.put(ze.getName(), attrs);
-                    mfModified = true;
-                }
-            }
-
-            // Recalculate the manifest raw bytes if necessary
-            if (mfModified) {
-                ByteArrayOutputStream baos = new ByteArrayOutputStream();
-                manifest.write(baos);
-                if (wasSigned) {
-                    byte[] newBytes = baos.toByteArray();
-                    if (mfRawBytes != null
-                            && oldAttr.equals(manifest.getMainAttributes())) {
-
-                        /*
-                         * Note:
-                         *
-                         * The Attributes object is based on HashMap and can handle
-                         * continuation columns. Therefore, even if the contents are
-                         * not changed (in a Map view), the bytes that it write()
-                         * may be different from the original bytes that it read()
-                         * from. Since the signature on the main attributes is based
-                         * on raw bytes, we must retain the exact bytes.
-                         */
-
-                        int newPos = findHeaderEnd(newBytes);
-                        int oldPos = findHeaderEnd(mfRawBytes);
-
-                        if (newPos == oldPos) {
-                            System.arraycopy(mfRawBytes, 0, newBytes, 0, oldPos);
-                        } else {
-                            // cat oldHead newTail > newBytes
-                            byte[] lastBytes = new byte[oldPos +
-                                    newBytes.length - newPos];
-                            System.arraycopy(mfRawBytes, 0, lastBytes, 0, oldPos);
-                            System.arraycopy(newBytes, newPos, lastBytes, oldPos,
-                                    newBytes.length - newPos);
-                            newBytes = lastBytes;
-                        }
-                    }
-                    mfRawBytes = newBytes;
-                } else {
-                    mfRawBytes = baos.toByteArray();
-                }
-            }
-
-            // Write out the manifest
-            if (mfModified) {
-                // manifest file has new length
-                mfFile = new ZipEntry(JarFile.MANIFEST_NAME);
-            }
-            if (verbose != null) {
-                if (mfCreated) {
-                    System.out.println(rb.getString(".adding.") +
-                                        mfFile.getName());
-                } else if (mfModified) {
-                    System.out.println(rb.getString(".updating.") +
-                                        mfFile.getName());
-                }
-            }
-            zos.putNextEntry(mfFile);
-            zos.write(mfRawBytes);
-
-            // Calculate SignatureFile (".SF") and SignatureBlockFile
-            ManifestDigester manDig = new ManifestDigester(mfRawBytes);
-            SignatureFile sf = new SignatureFile(digests, manifest, manDig,
-                                                 sigfile, signManifest);
-
-            if (tsaAlias != null) {
-                tsaCert = getTsaCert(tsaAlias);
-            }
-
-            SignatureFile.Block block = null;
-
-            try {
-                block =
-                    sf.generateBlock(privateKey, sigalg, certChain,
-                        externalSF, tsaUrl, tsaCert, signingMechanism, args,
-                        zipFile);
-            } catch (SocketTimeoutException e) {
-                // Provide a helpful message when TSA is beyond a firewall
-                error(rb.getString("unable.to.sign.jar.") +
-                rb.getString("no.response.from.the.Timestamping.Authority.") +
-                "\n  -J-Dhttp.proxyHost=<hostname>" +
-                "\n  -J-Dhttp.proxyPort=<portnumber>\n" +
-                rb.getString("or") +
-                "\n  -J-Dhttps.proxyHost=<hostname> " +
-                "\n  -J-Dhttps.proxyPort=<portnumber> ", e);
-            }
-
-            sfFilename = sf.getMetaName();
-            bkFilename = block.getMetaName();
-
-            ZipEntry sfFile = new ZipEntry(sfFilename);
-            ZipEntry bkFile = new ZipEntry(bkFilename);
-
-            long time = System.currentTimeMillis();
-            sfFile.setTime(time);
-            bkFile.setTime(time);
-
-            // signature file
-            zos.putNextEntry(sfFile);
-            sf.write(zos);
-            if (verbose != null) {
-                if (zipFile.getEntry(sfFilename) != null) {
-                    System.out.println(rb.getString(".updating.") +
-                                sfFilename);
-                } else {
-                    System.out.println(rb.getString(".adding.") +
-                                sfFilename);
-                }
-            }
-
-            if (verbose != null) {
-                if (tsaUrl != null || tsaCert != null) {
-                    System.out.println(
-                        rb.getString("requesting.a.signature.timestamp"));
-                }
-                if (tsaUrl != null) {
-                    System.out.println(rb.getString("TSA.location.") + tsaUrl);
-                }
-                if (tsaCert != null) {
-                    URI tsaURI = TimestampedSigner.getTimestampingURI(tsaCert);
-                    if (tsaURI != null) {
-                        System.out.println(rb.getString("TSA.location.") +
-                            tsaURI);
-                    }
-                    System.out.println(rb.getString("TSA.certificate.") +
-                        printCert("", tsaCert, false, null, false));
-                }
-                if (signingMechanism != null) {
-                    System.out.println(
-                        rb.getString("using.an.alternative.signing.mechanism"));
-                }
-            }
-
-            // signature block file
-            zos.putNextEntry(bkFile);
-            block.write(zos);
-            if (verbose != null) {
-                if (zipFile.getEntry(bkFilename) != null) {
-                    System.out.println(rb.getString(".updating.") +
-                        bkFilename);
-                } else {
-                    System.out.println(rb.getString(".adding.") +
-                        bkFilename);
-                }
-            }
-
-            // Write out all other META-INF files that we stored in the
-            // vector
-            for (int i=0; i<mfFiles.size(); i++) {
-                ZipEntry ze = mfFiles.elementAt(i);
-                if (!ze.getName().equalsIgnoreCase(JarFile.MANIFEST_NAME)
-                    && !ze.getName().equalsIgnoreCase(sfFilename)
-                    && !ze.getName().equalsIgnoreCase(bkFilename)) {
-                    writeEntry(zipFile, zos, ze);
-                }
-            }
-
-            // Write out all other files
-            for (Enumeration<? extends ZipEntry> enum_=zipFile.entries();
-                        enum_.hasMoreElements();) {
-                ZipEntry ze = enum_.nextElement();
-
-                if (!ze.getName().startsWith(META_INF)) {
-                    if (verbose != null) {
-                        if (manifest.getAttributes(ze.getName()) != null)
-                          System.out.println(rb.getString(".signing.") +
-                                ze.getName());
-                        else
-                          System.out.println(rb.getString(".adding.") +
-                                ze.getName());
-                    }
-                    writeEntry(zipFile, zos, ze);
-                }
-            }
-        } catch(IOException ioe) {
-            error(rb.getString("unable.to.sign.jar.")+ioe, ioe);
-        } finally {
-            // close the resouces
-            if (zipFile != null) {
-                zipFile.close();
-                zipFile = null;
-            }
-
-            if (zos != null) {
-                zos.close();
-            }
-        }
-
-        // no IOException thrown in the follow try clause, so disable
-        // the try clause.
-        // try {
-            if (signedjar == null) {
-                // attempt an atomic rename. If that fails,
-                // rename the original jar file, then the signed
-                // one, then delete the original.
-                if (!signedJarFile.renameTo(jarFile)) {
-                    File origJar = new File(jarName+".orig");
-
-                    if (jarFile.renameTo(origJar)) {
-                        if (signedJarFile.renameTo(jarFile)) {
-                            origJar.delete();
-                        } else {
-                            MessageFormat form = new MessageFormat(rb.getString
-                        ("attempt.to.rename.signedJarFile.to.jarFile.failed"));
-                            Object[] source = {signedJarFile, jarFile};
-                            error(form.format(source));
-                        }
-                    } else {
-                        MessageFormat form = new MessageFormat(rb.getString
-                            ("attempt.to.rename.jarFile.to.origJar.failed"));
-                        Object[] source = {jarFile, origJar};
-                        error(form.format(source));
-                    }
-                }
-            }
-
-            if (hasExpiredCert || hasExpiringCert || notYetValidCert
-                    || badKeyUsage || badExtendedKeyUsage
-                    || badNetscapeCertType || chainNotValidated) {
-                System.out.println();
-
-                System.out.println(rb.getString("Warning."));
-                if (badKeyUsage) {
-                    System.out.println(
-                        rb.getString("The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing."));
-                }
-
-                if (badExtendedKeyUsage) {
-                    System.out.println(
-                        rb.getString("The.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing."));
-                }
-
-                if (badNetscapeCertType) {
-                    System.out.println(
-                        rb.getString("The.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing."));
-                }
-
-                if (hasExpiredCert) {
-                    System.out.println(
-                        rb.getString("The.signer.certificate.has.expired."));
-                } else if (hasExpiringCert) {
-                    System.out.println(
-                        rb.getString("The.signer.certificate.will.expire.within.six.months."));
-                } else if (notYetValidCert) {
-                    System.out.println(
-                        rb.getString("The.signer.certificate.is.not.yet.valid."));
-                }
-
-                if (chainNotValidated) {
-                    System.out.println(
-                            rb.getString("The.signer.s.certificate.chain.is.not.validated."));
-                }
-            }
-
-        // no IOException thrown in the above try clause, so disable
-        // the catch clause.
-        // } catch(IOException ioe) {
-        //     error(rb.getString("unable.to.sign.jar.")+ioe, ioe);
-        // }
-    }
-
-    /**
-     * Find the length of header inside bs. The header is a multiple (>=0)
-     * lines of attributes plus an empty line. The empty line is included
-     * in the header.
-     */
-    @SuppressWarnings("fallthrough")
-    private int findHeaderEnd(byte[] bs) {
-        // Initial state true to deal with empty header
-        boolean newline = true;     // just met a newline
-        int len = bs.length;
-        for (int i=0; i<len; i++) {
-            switch (bs[i]) {
-                case '\r':
-                    if (i < len - 1 && bs[i+1] == '\n') i++;
-                    // fallthrough
-                case '\n':
-                    if (newline) return i+1;    //+1 to get length
-                    newline = true;
-                    break;
-                default:
-                    newline = false;
-            }
-        }
-        // If header end is not found, it means the MANIFEST.MF has only
-        // the main attributes section and it does not end with 2 newlines.
-        // Returns the whole length so that it can be completely replaced.
-        return len;
-    }
-
-    /**
-     * signature-related files include:
-     * . META-INF/MANIFEST.MF
-     * . META-INF/SIG-*
-     * . META-INF/*.SF
-     * . META-INF/*.DSA
-     * . META-INF/*.RSA
-     * . META-INF/*.EC
-     */
-    private boolean signatureRelated(String name) {
-        String ucName = name.toUpperCase(Locale.ENGLISH);
-        if (ucName.equals(JarFile.MANIFEST_NAME) ||
-            ucName.equals(META_INF) ||
-            (ucName.startsWith(SIG_PREFIX) &&
-                ucName.indexOf("/") == ucName.lastIndexOf("/"))) {
-            return true;
-        }
-
-        if (ucName.startsWith(META_INF) &&
-            SignatureFileVerifier.isBlockOrSF(ucName)) {
-            // .SF/.DSA/.RSA/.EC files in META-INF subdirs
-            // are not considered signature-related
-            return (ucName.indexOf("/") == ucName.lastIndexOf("/"));
-        }
-
-        return false;
-    }
-
-    Map<CodeSigner,String> cacheForSignerInfo = new IdentityHashMap<>();
-
-    /**
-     * Returns a string of singer info, with a newline at the end
-     */
-    private String signerInfo(CodeSigner signer, String tab) {
-        if (cacheForSignerInfo.containsKey(signer)) {
-            return cacheForSignerInfo.get(signer);
-        }
-        StringBuffer s = new StringBuffer();
-        List<? extends Certificate> certs = signer.getSignerCertPath().getCertificates();
-        // display the signature timestamp, if present
-        Date timestamp;
-        Timestamp ts = signer.getTimestamp();
-        if (ts != null) {
-            s.append(printTimestamp(tab, ts));
-            s.append('\n');
-            timestamp = ts.getTimestamp();
-        } else {
-            timestamp = null;
-        }
-        // display the certificate(s). The first one is end-entity cert and
-        // its KeyUsage should be checked.
-        boolean first = true;
-        for (Certificate c : certs) {
-            s.append(printCert(tab, c, true, timestamp, first));
-            s.append('\n');
-            first = false;
-        }
-        try {
-            CertPath cp = certificateFactory.generateCertPath(certs);
-            validator.validate(cp, pkixParameters);
-        } catch (Exception e) {
-            if (debug) {
-                e.printStackTrace();
-            }
-            if (e.getCause() != null &&
-                    (e.getCause() instanceof CertificateExpiredException ||
-                     e.getCause() instanceof CertificateNotYetValidException)) {
-                // No more warning, we alreay have hasExpiredCert or notYetValidCert
-            } else {
-                chainNotValidated = true;
-                s.append(tab + rb.getString(".CertPath.not.validated.") +
-                        e.getLocalizedMessage() + "]\n");   // TODO
-            }
-        }
-        String result = s.toString();
-        cacheForSignerInfo.put(signer, result);
-        return result;
-    }
-
-    private void writeEntry(ZipFile zf, ZipOutputStream os, ZipEntry ze)
-    throws IOException
-    {
-        ZipEntry ze2 = new ZipEntry(ze.getName());
-        ze2.setMethod(ze.getMethod());
-        ze2.setTime(ze.getTime());
-        ze2.setComment(ze.getComment());
-        ze2.setExtra(ze.getExtra());
-        if (ze.getMethod() == ZipEntry.STORED) {
-            ze2.setSize(ze.getSize());
-            ze2.setCrc(ze.getCrc());
-        }
-        os.putNextEntry(ze2);
-        writeBytes(zf, ze, os);
-    }
-
-    /**
-     * Writes all the bytes for a given entry to the specified output stream.
-     */
-    private synchronized void writeBytes
-        (ZipFile zf, ZipEntry ze, ZipOutputStream os) throws IOException {
-        int n;
-
-        InputStream is = null;
-        try {
-            is = zf.getInputStream(ze);
-            long left = ze.getSize();
-
-            while((left > 0) && (n = is.read(buffer, 0, buffer.length)) != -1) {
-                os.write(buffer, 0, n);
-                left -= n;
-            }
-        } finally {
-            if (is != null) {
-                is.close();
-            }
-        }
-    }
-
-    void loadKeyStore(String keyStoreName, boolean prompt) {
-
-        if (!nullStream && keyStoreName == null) {
-            keyStoreName = System.getProperty("user.home") + File.separator
-                + ".keystore";
-        }
-
-        try {
-
-            certificateFactory = CertificateFactory.getInstance("X.509");
-            validator = CertPathValidator.getInstance("PKIX");
-            Set<TrustAnchor> tas = new HashSet<>();
-            try {
-                KeyStore caks = KeyTool.getCacertsKeyStore();
-                if (caks != null) {
-                    Enumeration<String> aliases = caks.aliases();
-                    while (aliases.hasMoreElements()) {
-                        String a = aliases.nextElement();
-                        try {
-                            tas.add(new TrustAnchor((X509Certificate)caks.getCertificate(a), null));
-                        } catch (Exception e2) {
-                            // ignore, when a SecretkeyEntry does not include a cert
-                        }
-                    }
-                }
-            } catch (Exception e) {
-                // Ignore, if cacerts cannot be loaded
-            }
-
-            if (providerName == null) {
-                store = KeyStore.getInstance(storetype);
-            } else {
-                store = KeyStore.getInstance(storetype, providerName);
-            }
-
-            // Get pass phrase
-            // XXX need to disable echo; on UNIX, call getpass(char *prompt)Z
-            // and on NT call ??
-            if (token && storepass == null && !protectedPath
-                    && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
-                storepass = getPass
-                        (rb.getString("Enter.Passphrase.for.keystore."));
-            } else if (!token && storepass == null && prompt) {
-                storepass = getPass
-                        (rb.getString("Enter.Passphrase.for.keystore."));
-            }
-
-            try {
-                if (nullStream) {
-                    store.load(null, storepass);
-                } else {
-                    keyStoreName = keyStoreName.replace(File.separatorChar, '/');
-                    URL url = null;
-                    try {
-                        url = new URL(keyStoreName);
-                    } catch (java.net.MalformedURLException e) {
-                        // try as file
-                        url = new File(keyStoreName).toURI().toURL();
-                    }
-                    InputStream is = null;
-                    try {
-                        is = url.openStream();
-                        store.load(is, storepass);
-                    } finally {
-                        if (is != null) {
-                            is.close();
-                        }
-                    }
-                }
-                Enumeration<String> aliases = store.aliases();
-                while (aliases.hasMoreElements()) {
-                    String a = aliases.nextElement();
-                    try {
-                        X509Certificate c = (X509Certificate)store.getCertificate(a);
-                        // Only add TrustedCertificateEntry and self-signed
-                        // PrivateKeyEntry
-                        if (store.isCertificateEntry(a) ||
-                                c.getSubjectDN().equals(c.getIssuerDN())) {
-                            tas.add(new TrustAnchor(c, null));
-                        }
-                    } catch (Exception e2) {
-                        // ignore, when a SecretkeyEntry does not include a cert
-                    }
-                }
-            } finally {
-                try {
-                    pkixParameters = new PKIXParameters(tas);
-                    pkixParameters.setRevocationEnabled(false);
-                } catch (InvalidAlgorithmParameterException ex) {
-                    // Only if tas is empty
-                }
-            }
-        } catch (IOException ioe) {
-            throw new RuntimeException(rb.getString("keystore.load.") +
-                                        ioe.getMessage());
-        } catch (java.security.cert.CertificateException ce) {
-            throw new RuntimeException(rb.getString("certificate.exception.") +
-                                        ce.getMessage());
-        } catch (NoSuchProviderException pe) {
-            throw new RuntimeException(rb.getString("keystore.load.") +
-                                        pe.getMessage());
-        } catch (NoSuchAlgorithmException nsae) {
-            throw new RuntimeException(rb.getString("keystore.load.") +
-                                        nsae.getMessage());
-        } catch (KeyStoreException kse) {
-            throw new RuntimeException
-                (rb.getString("unable.to.instantiate.keystore.class.") +
-                kse.getMessage());
-        }
-    }
-
-    X509Certificate getTsaCert(String alias) {
-
-        java.security.cert.Certificate cs = null;
-
-        try {
-            cs = store.getCertificate(alias);
-        } catch (KeyStoreException kse) {
-            // this never happens, because keystore has been loaded
-        }
-        if (cs == null || (!(cs instanceof X509Certificate))) {
-            MessageFormat form = new MessageFormat(rb.getString
-                ("Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the"));
-            Object[] source = {alias, alias};
-            error(form.format(source));
-        }
-        return (X509Certificate) cs;
-    }
-
-    /**
-     * Check if userCert is designed to be a code signer
-     * @param userCert the certificate to be examined
-     * @param bad 3 booleans to show if the KeyUsage, ExtendedKeyUsage,
-     *            NetscapeCertType has codeSigning flag turned on.
-     *            If null, the class field badKeyUsage, badExtendedKeyUsage,
-     *            badNetscapeCertType will be set.
-     */
-    void checkCertUsage(X509Certificate userCert, boolean[] bad) {
-
-        // Can act as a signer?
-        // 1. if KeyUsage, then [0:digitalSignature] or
-        //    [1:nonRepudiation] should be true
-        // 2. if ExtendedKeyUsage, then should contains ANY or CODE_SIGNING
-        // 3. if NetscapeCertType, then should contains OBJECT_SIGNING
-        // 1,2,3 must be true
-
-        if (bad != null) {
-            bad[0] = bad[1] = bad[2] = false;
-        }
-
-        boolean[] keyUsage = userCert.getKeyUsage();
-        if (keyUsage != null) {
-            keyUsage = Arrays.copyOf(keyUsage, 9);
-            if (!keyUsage[0] && !keyUsage[1]) {
-                if (bad != null) {
-                    bad[0] = true;
-                    badKeyUsage = true;
-                }
-            }
-        }
-
-        try {
-            List<String> xKeyUsage = userCert.getExtendedKeyUsage();
-            if (xKeyUsage != null) {
-                if (!xKeyUsage.contains("2.5.29.37.0") // anyExtendedKeyUsage
-                        && !xKeyUsage.contains("1.3.6.1.5.5.7.3.3")) {  // codeSigning
-                    if (bad != null) {
-                        bad[1] = true;
-                        badExtendedKeyUsage = true;
-                    }
-                }
-            }
-        } catch (java.security.cert.CertificateParsingException e) {
-            // shouldn't happen
-        }
-
-        try {
-            // OID_NETSCAPE_CERT_TYPE
-            byte[] netscapeEx = userCert.getExtensionValue
-                    ("2.16.840.1.113730.1.1");
-            if (netscapeEx != null) {
-                DerInputStream in = new DerInputStream(netscapeEx);
-                byte[] encoded = in.getOctetString();
-                encoded = new DerValue(encoded).getUnalignedBitString()
-                        .toByteArray();
-
-                NetscapeCertTypeExtension extn =
-                        new NetscapeCertTypeExtension(encoded);
-
-                Boolean val = extn.get(NetscapeCertTypeExtension.OBJECT_SIGNING);
-                if (!val) {
-                    if (bad != null) {
-                        bad[2] = true;
-                        badNetscapeCertType = true;
-                    }
-                }
-            }
-        } catch (IOException e) {
-            //
-        }
-    }
-
-    void getAliasInfo(String alias) {
-
-        Key key = null;
-
-        try {
-            java.security.cert.Certificate[] cs = null;
-            if (altCertChain != null) {
-                try {
-                    cs = CertificateFactory.getInstance("X.509").
-                            generateCertificates(new FileInputStream(altCertChain)).
-                            toArray(new Certificate[0]);
-                } catch (CertificateException ex) {
-                    error(rb.getString("Cannot.restore.certchain.from.file.specified"));
-                } catch (FileNotFoundException ex) {
-                    error(rb.getString("File.specified.by.certchain.does.not.exist"));
-                }
-            } else {
-                try {
-                    cs = store.getCertificateChain(alias);
-                } catch (KeyStoreException kse) {
-                    // this never happens, because keystore has been loaded
-                }
-            }
-            if (cs == null || cs.length == 0) {
-                if (altCertChain != null) {
-                    error(rb.getString
-                            ("Certificate.chain.not.found.in.the.file.specified."));
-                } else {
-                    MessageFormat form = new MessageFormat(rb.getString
-                        ("Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and"));
-                    Object[] source = {alias, alias};
-                    error(form.format(source));
-                }
-            }
-
-            certChain = new X509Certificate[cs.length];
-            for (int i=0; i<cs.length; i++) {
-                if (!(cs[i] instanceof X509Certificate)) {
-                    error(rb.getString
-                        ("found.non.X.509.certificate.in.signer.s.chain"));
-                }
-                certChain[i] = (X509Certificate)cs[i];
-            }
-
-            // We don't meant to print anything, the next call
-            // checks validity and keyUsage etc
-            printCert("", certChain[0], true, null, true);
-
-            try {
-                CertPath cp = certificateFactory.generateCertPath(Arrays.asList(certChain));
-                validator.validate(cp, pkixParameters);
-            } catch (Exception e) {
-                if (debug) {
-                    e.printStackTrace();
-                }
-                if (e.getCause() != null &&
-                        (e.getCause() instanceof CertificateExpiredException ||
-                        e.getCause() instanceof CertificateNotYetValidException)) {
-                    // No more warning, we alreay have hasExpiredCert or notYetValidCert
-                } else {
-                    chainNotValidated = true;
-                }
-            }
-
-            try {
-                if (!token && keypass == null)
-                    key = store.getKey(alias, storepass);
-                else
-                    key = store.getKey(alias, keypass);
-            } catch (UnrecoverableKeyException e) {
-                if (token) {
-                    throw e;
-                } else if (keypass == null) {
-                    // Did not work out, so prompt user for key password
-                    MessageFormat form = new MessageFormat(rb.getString
-                        ("Enter.key.password.for.alias."));
-                    Object[] source = {alias};
-                    keypass = getPass(form.format(source));
-                    key = store.getKey(alias, keypass);
-                }
-            }
-        } catch (NoSuchAlgorithmException e) {
-            error(e.getMessage());
-        } catch (UnrecoverableKeyException e) {
-            error(rb.getString("unable.to.recover.key.from.keystore"));
-        } catch (KeyStoreException kse) {
-            // this never happens, because keystore has been loaded
-        }
-
-        if (!(key instanceof PrivateKey)) {
-            MessageFormat form = new MessageFormat(rb.getString
-                ("key.associated.with.alias.not.a.private.key"));
-            Object[] source = {alias};
-            error(form.format(source));
-        } else {
-            privateKey = (PrivateKey)key;
-        }
-    }
-
-    void error(String message)
-    {
-        System.out.println(rb.getString("jarsigner.")+message);
-        System.exit(1);
-    }
-
-
-    void error(String message, Exception e)
-    {
-        System.out.println(rb.getString("jarsigner.")+message);
-        if (debug) {
-            e.printStackTrace();
-        }
-        System.exit(1);
-    }
-
-    char[] getPass(String prompt)
-    {
-        System.err.print(prompt);
-        System.err.flush();
-        try {
-            char[] pass = Password.readPassword(System.in);
-
-            if (pass == null) {
-                error(rb.getString("you.must.enter.key.password"));
-            } else {
-                return pass;
-            }
-        } catch (IOException ioe) {
-            error(rb.getString("unable.to.read.password.")+ioe.getMessage());
-        }
-        // this shouldn't happen
-        return null;
-    }
-
-    /*
-     * Reads all the bytes for a given zip entry.
-     */
-    private synchronized byte[] getBytes(ZipFile zf,
-                                         ZipEntry ze) throws IOException {
-        int n;
-
-        InputStream is = null;
-        try {
-            is = zf.getInputStream(ze);
-            baos.reset();
-            long left = ze.getSize();
-
-            while((left > 0) && (n = is.read(buffer, 0, buffer.length)) != -1) {
-                baos.write(buffer, 0, n);
-                left -= n;
-            }
-        } finally {
-            if (is != null) {
-                is.close();
-            }
-        }
-
-        return baos.toByteArray();
-    }
-
-    /*
-     * Returns manifest entry from given jar file, or null if given jar file
-     * does not have a manifest entry.
-     */
-    private ZipEntry getManifestFile(ZipFile zf) {
-        ZipEntry ze = zf.getEntry(JarFile.MANIFEST_NAME);
-        if (ze == null) {
-            // Check all entries for matching name
-            Enumeration<? extends ZipEntry> enum_ = zf.entries();
-            while (enum_.hasMoreElements() && ze == null) {
-                ze = enum_.nextElement();
-                if (!JarFile.MANIFEST_NAME.equalsIgnoreCase
-                    (ze.getName())) {
-                    ze = null;
-                }
-            }
-        }
-        return ze;
-    }
-
-    /*
-     * Computes the digests of a zip entry, and returns them as an array
-     * of base64-encoded strings.
-     */
-    private synchronized String[] getDigests(ZipEntry ze, ZipFile zf,
-                                             MessageDigest[] digests,
-                                             BASE64Encoder encoder)
-        throws IOException {
-
-        int n, i;
-        InputStream is = null;
-        try {
-            is = zf.getInputStream(ze);
-            long left = ze.getSize();
-            while((left > 0)
-                && (n = is.read(buffer, 0, buffer.length)) != -1) {
-                for (i=0; i<digests.length; i++) {
-                    digests[i].update(buffer, 0, n);
-                }
-                left -= n;
-            }
-        } finally {
-            if (is != null) {
-                is.close();
-            }
-        }
-
-        // complete the digests
-        String[] base64Digests = new String[digests.length];
-        for (i=0; i<digests.length; i++) {
-            base64Digests[i] = encoder.encode(digests[i].digest());
-        }
-        return base64Digests;
-    }
-
-    /*
-     * Computes the digests of a zip entry, and returns them as a list of
-     * attributes
-     */
-    private Attributes getDigestAttributes(ZipEntry ze, ZipFile zf,
-                                           MessageDigest[] digests,
-                                           BASE64Encoder encoder)
-        throws IOException {
-
-        String[] base64Digests = getDigests(ze, zf, digests, encoder);
-        Attributes attrs = new Attributes();
-
-        for (int i=0; i<digests.length; i++) {
-            attrs.putValue(digests[i].getAlgorithm()+"-Digest",
-                           base64Digests[i]);
-        }
-        return attrs;
-    }
-
-    /*
-     * Updates the digest attributes of a manifest entry, by adding or
-     * replacing digest values.
-     * A digest value is added if the manifest entry does not contain a digest
-     * for that particular algorithm.
-     * A digest value is replaced if it is obsolete.
-     *
-     * Returns true if the manifest entry has been changed, and false
-     * otherwise.
-     */
-    private boolean updateDigests(ZipEntry ze, ZipFile zf,
-                                  MessageDigest[] digests,
-                                  BASE64Encoder encoder,
-                                  Manifest mf) throws IOException {
-        boolean update = false;
-
-        Attributes attrs = mf.getAttributes(ze.getName());
-        String[] base64Digests = getDigests(ze, zf, digests, encoder);
-
-        for (int i=0; i<digests.length; i++) {
-            // The entry name to be written into attrs
-            String name = null;
-            try {
-                // Find if the digest already exists
-                AlgorithmId aid = AlgorithmId.get(digests[i].getAlgorithm());
-                for (Object key: attrs.keySet()) {
-                    if (key instanceof Attributes.Name) {
-                        String n = ((Attributes.Name)key).toString();
-                        if (n.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST")) {
-                            String tmp = n.substring(0, n.length() - 7);
-                            if (AlgorithmId.get(tmp).equals(aid)) {
-                                name = n;
-                                break;
-                            }
-                        }
-                    }
-                }
-            } catch (NoSuchAlgorithmException nsae) {
-                // Ignored. Writing new digest entry.
-            }
-
-            if (name == null) {
-                name = digests[i].getAlgorithm()+"-Digest";
-                attrs.putValue(name, base64Digests[i]);
-                update=true;
-            } else {
-                // compare digests, and replace the one in the manifest
-                // if they are different
-                String mfDigest = attrs.getValue(name);
-                if (!mfDigest.equalsIgnoreCase(base64Digests[i])) {
-                    attrs.putValue(name, base64Digests[i]);
-                    update=true;
-                }
-            }
-        }
-        return update;
-    }
-
-    /*
-     * Try to load the specified signing mechanism.
-     * The URL class loader is used.
-     */
-    private ContentSigner loadSigningMechanism(String signerClassName,
-        String signerClassPath) throws Exception {
-
-        // construct class loader
-        String cpString = null;   // make sure env.class.path defaults to dot
-
-        // do prepends to get correct ordering
-        cpString = PathList.appendPath(System.getProperty("env.class.path"), cpString);
-        cpString = PathList.appendPath(System.getProperty("java.class.path"), cpString);
-        cpString = PathList.appendPath(signerClassPath, cpString);
-        URL[] urls = PathList.pathToURLs(cpString);
-        ClassLoader appClassLoader = new URLClassLoader(urls);
-
-        // attempt to find signer
-        Class<?> signerClass = appClassLoader.loadClass(signerClassName);
-
-        // Check that it implements ContentSigner
-        Object signer = signerClass.newInstance();
-        if (!(signer instanceof ContentSigner)) {
-            MessageFormat form = new MessageFormat(
-                rb.getString("signerClass.is.not.a.signing.mechanism"));
-            Object[] source = {signerClass.getName()};
-            throw new IllegalArgumentException(form.format(source));
-        }
-        return (ContentSigner)signer;
-    }
-}
-
-/**
- * This is a BASE64Encoder that does not insert a default newline at the end of
- * every output line. This is necessary because java.util.jar does its own
- * line management (see Manifest.make72Safe()). Inserting additional new lines
- * can cause line-wrapping problems (see CR 6219522).
- */
-class JarBASE64Encoder extends BASE64Encoder {
-    /**
-     * Encode the suffix that ends every output line.
-     */
-    protected void encodeLineSuffix(OutputStream aStream) throws IOException { }
-}
-
-class SignatureFile {
-
-    /** SignatureFile */
-    Manifest sf;
-
-    /** .SF base name */
-    String baseName;
-
-    public SignatureFile(MessageDigest digests[],
-                         Manifest mf,
-                         ManifestDigester md,
-                         String baseName,
-                         boolean signManifest)
-
-    {
-        this.baseName = baseName;
-
-        String version = System.getProperty("java.version");
-        String javaVendor = System.getProperty("java.vendor");
-
-        sf = new Manifest();
-        Attributes mattr = sf.getMainAttributes();
-        BASE64Encoder encoder = new JarBASE64Encoder();
-
-        mattr.putValue(Attributes.Name.SIGNATURE_VERSION.toString(), "1.0");
-        mattr.putValue("Created-By", version + " (" + javaVendor + ")");
-
-        if (signManifest) {
-            // sign the whole manifest
-            for (int i=0; i < digests.length; i++) {
-                mattr.putValue(digests[i].getAlgorithm()+"-Digest-Manifest",
-                               encoder.encode(md.manifestDigest(digests[i])));
-            }
-        }
-
-        // create digest of the manifest main attributes
-        ManifestDigester.Entry mde =
-                md.get(ManifestDigester.MF_MAIN_ATTRS, false);
-        if (mde != null) {
-            for (int i=0; i < digests.length; i++) {
-                mattr.putValue(digests[i].getAlgorithm() +
-                        "-Digest-" + ManifestDigester.MF_MAIN_ATTRS,
-                        encoder.encode(mde.digest(digests[i])));
-            }
-        } else {
-            throw new IllegalStateException
-                ("ManifestDigester failed to create " +
-                "Manifest-Main-Attribute entry");
-        }
-
-        /* go through the manifest entries and create the digests */
-
-        Map<String,Attributes> entries = sf.getEntries();
-        Iterator<Map.Entry<String,Attributes>> mit =
-                                mf.getEntries().entrySet().iterator();
-        while(mit.hasNext()) {
-            Map.Entry<String,Attributes> e = mit.next();
-            String name = e.getKey();
-            mde = md.get(name, false);
-            if (mde != null) {
-                Attributes attr = new Attributes();
-                for (int i=0; i < digests.length; i++) {
-                    attr.putValue(digests[i].getAlgorithm()+"-Digest",
-                                  encoder.encode(mde.digest(digests[i])));
-                }
-                entries.put(name, attr);
-            }
-        }
-    }
-
-    /**
-     * Writes the SignatureFile to the specified OutputStream.
-     *
-     * @param out the output stream
-     * @exception IOException if an I/O error has occurred
-     */
-
-    public void write(OutputStream out) throws IOException
-    {
-        sf.write(out);
-    }
-
-    /**
-     * get .SF file name
-     */
-    public String getMetaName()
-    {
-        return "META-INF/"+ baseName + ".SF";
-    }
-
-    /**
-     * get base file name
-     */
-    public String getBaseName()
-    {
-        return baseName;
-    }
-
-    /*
-     * Generate a signed data block.
-     * If a URL or a certificate (containing a URL) for a Timestamping
-     * Authority is supplied then a signature timestamp is generated and
-     * inserted into the signed data block.
-     *
-     * @param sigalg signature algorithm to use, or null to use default
-     * @param tsaUrl The location of the Timestamping Authority. If null
-     *               then no timestamp is requested.
-     * @param tsaCert The certificate for the Timestamping Authority. If null
-     *               then no timestamp is requested.
-     * @param signingMechanism The signing mechanism to use.
-     * @param args The command-line arguments to jarsigner.
-     * @param zipFile The original source Zip file.
-     */
-    public Block generateBlock(PrivateKey privateKey,
-                               String sigalg,
-                               X509Certificate[] certChain,
-                               boolean externalSF, String tsaUrl,
-                               X509Certificate tsaCert,
-                               ContentSigner signingMechanism,
-                               String[] args, ZipFile zipFile)
-        throws NoSuchAlgorithmException, InvalidKeyException, IOException,
-            SignatureException, CertificateException
-    {
-        return new Block(this, privateKey, sigalg, certChain, externalSF,
-                tsaUrl, tsaCert, signingMechanism, args, zipFile);
-    }
-
-
-    public static class Block {
-
-        private byte[] block;
-        private String blockFileName;
-
-        /*
-         * Construct a new signature block.
-         */
-        Block(SignatureFile sfg, PrivateKey privateKey, String sigalg,
-            X509Certificate[] certChain, boolean externalSF, String tsaUrl,
-            X509Certificate tsaCert, ContentSigner signingMechanism,
-            String[] args, ZipFile zipFile)
-            throws NoSuchAlgorithmException, InvalidKeyException, IOException,
-            SignatureException, CertificateException {
-
-            Principal issuerName = certChain[0].getIssuerDN();
-            if (!(issuerName instanceof X500Name)) {
-                // must extract the original encoded form of DN for subsequent
-                // name comparison checks (converting to a String and back to
-                // an encoded DN could cause the types of String attribute
-                // values to be changed)
-                X509CertInfo tbsCert = new
-                    X509CertInfo(certChain[0].getTBSCertificate());
-                issuerName = (Principal)
-                    tbsCert.get(CertificateIssuerName.NAME + "." +
-                                CertificateIssuerName.DN_NAME);
-            }
-            BigInteger serial = certChain[0].getSerialNumber();
-
-            String signatureAlgorithm;
-            String keyAlgorithm = privateKey.getAlgorithm();
-            /*
-             * If no signature algorithm was specified, we choose a
-             * default that is compatible with the private key algorithm.
-             */
-            if (sigalg == null) {
-
-                if (keyAlgorithm.equalsIgnoreCase("DSA"))
-                    signatureAlgorithm = "SHA1withDSA";
-                else if (keyAlgorithm.equalsIgnoreCase("RSA"))
-                    signatureAlgorithm = "SHA256withRSA";
-                else if (keyAlgorithm.equalsIgnoreCase("EC"))
-                    signatureAlgorithm = "SHA256withECDSA";
-                else
-                    throw new RuntimeException("private key is not a DSA or "
-                                               + "RSA key");
-            } else {
-                signatureAlgorithm = sigalg;
-            }
-
-            // check common invalid key/signature algorithm combinations
-            String sigAlgUpperCase = signatureAlgorithm.toUpperCase(Locale.ENGLISH);
-            if ((sigAlgUpperCase.endsWith("WITHRSA") &&
-                !keyAlgorithm.equalsIgnoreCase("RSA")) ||
-                (sigAlgUpperCase.endsWith("WITHECDSA") &&
-                !keyAlgorithm.equalsIgnoreCase("EC")) ||
-                (sigAlgUpperCase.endsWith("WITHDSA") &&
-                !keyAlgorithm.equalsIgnoreCase("DSA"))) {
-                throw new SignatureException
-                    ("private key algorithm is not compatible with signature algorithm");
-            }
-
-            blockFileName = "META-INF/"+sfg.getBaseName()+"."+keyAlgorithm;
-
-            AlgorithmId sigAlg = AlgorithmId.get(signatureAlgorithm);
-            AlgorithmId digEncrAlg = AlgorithmId.get(keyAlgorithm);
-
-            Signature sig = Signature.getInstance(signatureAlgorithm);
-            sig.initSign(privateKey);
-
-            ByteArrayOutputStream baos = new ByteArrayOutputStream();
-            sfg.write(baos);
-
-            byte[] content = baos.toByteArray();
-
-            sig.update(content);
-            byte[] signature = sig.sign();
-
-            // Timestamp the signature and generate the signature block file
-            if (signingMechanism == null) {
-                signingMechanism = new TimestampedSigner();
-            }
-            URI tsaUri = null;
-            try {
-                if (tsaUrl != null) {
-                    tsaUri = new URI(tsaUrl);
-                }
-            } catch (URISyntaxException e) {
-                throw new IOException(e);
-            }
-
-            // Assemble parameters for the signing mechanism
-            ContentSignerParameters params =
-                new JarSignerParameters(args, tsaUri, tsaCert, signature,
-                    signatureAlgorithm, certChain, content, zipFile);
-
-            // Generate the signature block
-            block = signingMechanism.generateSignedData(
-                    params, externalSF, (tsaUrl != null || tsaCert != null));
-        }
-
-        /*
-         * get block file name.
-         */
-        public String getMetaName()
-        {
-            return blockFileName;
-        }
-
-        /**
-         * Writes the block file to the specified OutputStream.
-         *
-         * @param out the output stream
-         * @exception IOException if an I/O error has occurred
-         */
-
-        public void write(OutputStream out) throws IOException
-        {
-            out.write(block);
-        }
-    }
-}
-
-
-/*
- * This object encapsulates the parameters used to perform content signing.
- */
-class JarSignerParameters implements ContentSignerParameters {
-
-    private String[] args;
-    private URI tsa;
-    private X509Certificate tsaCertificate;
-    private byte[] signature;
-    private String signatureAlgorithm;
-    private X509Certificate[] signerCertificateChain;
-    private byte[] content;
-    private ZipFile source;
-
-    /**
-     * Create a new object.
-     */
-    JarSignerParameters(String[] args, URI tsa, X509Certificate tsaCertificate,
-        byte[] signature, String signatureAlgorithm,
-        X509Certificate[] signerCertificateChain, byte[] content,
-        ZipFile source) {
-
-        if (signature == null || signatureAlgorithm == null ||
-            signerCertificateChain == null) {
-            throw new NullPointerException();
-        }
-        this.args = args;
-        this.tsa = tsa;
-        this.tsaCertificate = tsaCertificate;
-        this.signature = signature;
-        this.signatureAlgorithm = signatureAlgorithm;
-        this.signerCertificateChain = signerCertificateChain;
-        this.content = content;
-        this.source = source;
-    }
-
-    /**
-     * Retrieves the command-line arguments.
-     *
-     * @return The command-line arguments. May be null.
-     */
-    public String[] getCommandLine() {
-        return args;
-    }
-
-    /**
-     * Retrieves the identifier for a Timestamping Authority (TSA).
-     *
-     * @return The TSA identifier. May be null.
-     */
-    public URI getTimestampingAuthority() {
-        return tsa;
-    }
-
-    /**
-     * Retrieves the certificate for a Timestamping Authority (TSA).
-     *
-     * @return The TSA certificate. May be null.
-     */
-    public X509Certificate getTimestampingAuthorityCertificate() {
-        return tsaCertificate;
-    }
-
-    /**
-     * Retrieves the signature.
-     *
-     * @return The non-null signature bytes.
-     */
-    public byte[] getSignature() {
-        return signature;
-    }
-
-    /**
-     * Retrieves the name of the signature algorithm.
-     *
-     * @return The non-null string name of the signature algorithm.
-     */
-    public String getSignatureAlgorithm() {
-        return signatureAlgorithm;
-    }
-
-    /**
-     * Retrieves the signer's X.509 certificate chain.
-     *
-     * @return The non-null array of X.509 public-key certificates.
-     */
-    public X509Certificate[] getSignerCertificateChain() {
-        return signerCertificateChain;
-    }
-
-    /**
-     * Retrieves the content that was signed.
-     *
-     * @return The content bytes. May be null.
-     */
-    public byte[] getContent() {
-        return content;
-    }
-
-    /**
-     * Retrieves the original source ZIP file before it was signed.
-     *
-     * @return The original ZIP file. May be null.
-     */
-    public ZipFile getSource() {
-        return source;
-    }
-}
--- a/jdk/src/share/classes/sun/security/tools/JarSignerResources.java	Sat Oct 13 10:15:57 2012 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,242 +0,0 @@
-/*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.security.tools;
-
-/**
- * <p> This class represents the <code>ResourceBundle</code>
- * for JarSigner.
- *
- */
-public class JarSignerResources extends java.util.ListResourceBundle {
-
-    private static final Object[][] contents = {
-
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-
-        {"provName.not.a.provider", "{0} not a provider"},
-        {"signerClass.is.not.a.signing.mechanism", "{0} is not a signing mechanism"},
-        {"jarsigner.error.", "jarsigner error: "},
-        {"Illegal.option.", "Illegal option: "},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "-keystore must be NONE if -storetype is {0}"},
-        {".keypass.can.not.be.specified.if.storetype.is.{0}",
-                "-keypass can not be specified if -storetype is {0}"},
-        {"If.protected.is.specified.then.storepass.and.keypass.must.not.be.specified",
-                "If -protected is specified, then -storepass and -keypass must not be specified"},
-        {"If.keystore.is.not.password.protected.then.storepass.and.keypass.must.not.be.specified",
-                 "If keystore is not password protected, then -storepass and -keypass must not be specified"},
-        {"Usage.jarsigner.options.jar.file.alias",
-                "Usage: jarsigner [options] jar-file alias"},
-        {".jarsigner.verify.options.jar.file.alias.",
-                "       jarsigner -verify [options] jar-file [alias...]"},
-        {".keystore.url.keystore.location",
-                "[-keystore <url>]           keystore location"},
-        {".storepass.password.password.for.keystore.integrity",
-            "[-storepass <password>]     password for keystore integrity"},
-        {".storetype.type.keystore.type",
-                "[-storetype <type>]         keystore type"},
-        {".keypass.password.password.for.private.key.if.different.",
-                "[-keypass <password>]       password for private key (if different)"},
-        {".certchain.file.name.of.alternative.certchain.file",
-                "[-certchain <file>]         name of alternative certchain file"},
-        {".sigfile.file.name.of.SF.DSA.file",
-                "[-sigfile <file>]           name of .SF/.DSA file"},
-        {".signedjar.file.name.of.signed.JAR.file",
-                "[-signedjar <file>]         name of signed JAR file"},
-        {".digestalg.algorithm.name.of.digest.algorithm",
-                "[-digestalg <algorithm>]    name of digest algorithm"},
-        {".sigalg.algorithm.name.of.signature.algorithm",
-                "[-sigalg <algorithm>]       name of signature algorithm"},
-        {".verify.verify.a.signed.JAR.file",
-                "[-verify]                   verify a signed JAR file"},
-        {".verbose.suboptions.verbose.output.when.signing.verifying.",
-                "[-verbose[:suboptions]]     verbose output when signing/verifying."},
-        {".suboptions.can.be.all.grouped.or.summary",
-                "                            suboptions can be all, grouped or summary"},
-        {".certs.display.certificates.when.verbose.and.verifying",
-                "[-certs]                    display certificates when verbose and verifying"},
-        {".tsa.url.location.of.the.Timestamping.Authority",
-                "[-tsa <url>]                location of the Timestamping Authority"},
-        {".tsacert.alias.public.key.certificate.for.Timestamping.Authority",
-                "[-tsacert <alias>]          public key certificate for Timestamping Authority"},
-        {".altsigner.class.class.name.of.an.alternative.signing.mechanism",
-                "[-altsigner <class>]        class name of an alternative signing mechanism"},
-        {".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism",
-                "[-altsignerpath <pathlist>] location of an alternative signing mechanism"},
-        {".internalsf.include.the.SF.file.inside.the.signature.block",
-                "[-internalsf]               include the .SF file inside the signature block"},
-        {".sectionsonly.don.t.compute.hash.of.entire.manifest",
-                "[-sectionsonly]             don't compute hash of entire manifest"},
-        {".protected.keystore.has.protected.authentication.path",
-                "[-protected]                keystore has protected authentication path"},
-        {".providerName.name.provider.name",
-                "[-providerName <name>]      provider name"},
-        {".providerClass.class.name.of.cryptographic.service.provider.s",
-                "[-providerClass <class>     name of cryptographic service provider's"},
-        {".providerArg.arg.master.class.file.and.constructor.argument",
-                "  [-providerArg <arg>]] ... master class file and constructor argument"},
-        {".strict.treat.warnings.as.errors",
-                "[-strict]                   treat warnings as errors"},
-        {"Option.lacks.argument", "Option lacks argument"},
-        {"Please.type.jarsigner.help.for.usage", "Please type jarsigner -help for usage"},
-        {"Please.specify.jarfile.name", "Please specify jarfile name"},
-        {"Please.specify.alias.name", "Please specify alias name"},
-        {"Only.one.alias.can.be.specified", "Only one alias can be specified"},
-        {"This.jar.contains.signed.entries.which.is.not.signed.by.the.specified.alias.es.",
-                 "This jar contains signed entries which is not signed by the specified alias(es)."},
-        {"This.jar.contains.signed.entries.that.s.not.signed.by.alias.in.this.keystore.",
-                  "This jar contains signed entries that's not signed by alias in this keystore."},
-        {"s", "s"},
-        {"m", "m"},
-        {"k", "k"},
-        {"i", "i"},
-        {".and.d.more.", "(and %d more)"},
-        {".s.signature.was.verified.",
-                "  s = signature was verified "},
-        {".m.entry.is.listed.in.manifest",
-                "  m = entry is listed in manifest"},
-        {".k.at.least.one.certificate.was.found.in.keystore",
-                "  k = at least one certificate was found in keystore"},
-        {".i.at.least.one.certificate.was.found.in.identity.scope",
-                "  i = at least one certificate was found in identity scope"},
-        {".X.not.signed.by.specified.alias.es.",
-                "  X = not signed by specified alias(es)"},
-        {"no.manifest.", "no manifest."},
-        {".Signature.related.entries.","(Signature related entries)"},
-        {".Unsigned.entries.", "(Unsigned entries)"},
-        {"jar.is.unsigned.signatures.missing.or.not.parsable.",
-                "jar is unsigned. (signatures missing or not parsable)"},
-        {"jar.verified.", "jar verified."},
-        {"jarsigner.", "jarsigner: "},
-        {"signature.filename.must.consist.of.the.following.characters.A.Z.0.9.or.",
-                "signature filename must consist of the following characters: A-Z, 0-9, _ or -"},
-        {"unable.to.open.jar.file.", "unable to open jar file: "},
-        {"unable.to.create.", "unable to create: "},
-        {".adding.", "   adding: "},
-        {".updating.", " updating: "},
-        {".signing.", "  signing: "},
-        {"attempt.to.rename.signedJarFile.to.jarFile.failed",
-                "attempt to rename {0} to {1} failed"},
-        {"attempt.to.rename.jarFile.to.origJar.failed",
-                "attempt to rename {0} to {1} failed"},
-        {"unable.to.sign.jar.", "unable to sign jar: "},
-        {"Enter.Passphrase.for.keystore.", "Enter Passphrase for keystore: "},
-        {"keystore.load.", "keystore load: "},
-        {"certificate.exception.", "certificate exception: "},
-        {"unable.to.instantiate.keystore.class.",
-                "unable to instantiate keystore class: "},
-        {"Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and",
-                "Certificate chain not found for: {0}.  {1} must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain."},
-        {"File.specified.by.certchain.does.not.exist",
-                "File specified by -certchain does not exist"},
-        {"Cannot.restore.certchain.from.file.specified",
-                "Cannot restore certchain from file specified"},
-        {"Certificate.chain.not.found.in.the.file.specified.",
-                "Certificate chain not found in the file specified."},
-        {"found.non.X.509.certificate.in.signer.s.chain",
-                "found non-X.509 certificate in signer's chain"},
-        {"incomplete.certificate.chain", "incomplete certificate chain"},
-        {"Enter.key.password.for.alias.", "Enter key password for {0}: "},
-        {"unable.to.recover.key.from.keystore",
-                "unable to recover key from keystore"},
-        {"key.associated.with.alias.not.a.private.key",
-                "key associated with {0} not a private key"},
-        {"you.must.enter.key.password", "you must enter key password"},
-        {"unable.to.read.password.", "unable to read password: "},
-        {"certificate.is.valid.from", "certificate is valid from {0} to {1}"},
-        {"certificate.expired.on", "certificate expired on {0}"},
-        {"certificate.is.not.valid.until",
-                "certificate is not valid until {0}"},
-        {"certificate.will.expire.on", "certificate will expire on {0}"},
-        {".CertPath.not.validated.", "[CertPath not validated: "},
-        {"requesting.a.signature.timestamp",
-                "requesting a signature timestamp"},
-        {"TSA.location.", "TSA location: "},
-        {"TSA.certificate.", "TSA certificate: "},
-        {"no.response.from.the.Timestamping.Authority.",
-                "no response from the Timestamping Authority. When connecting"
-                + " from behind a firewall an HTTP or HTTPS proxy may need to"
-                + " be specified. Supply the following options to jarsigner:"},
-        {"or", "or"},
-        {"Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the",
-                "Certificate not found for: {0}.  {1} must reference a valid KeyStore entry containing an X.509 public key certificate for the Timestamping Authority."},
-        {"using.an.alternative.signing.mechanism",
-                "using an alternative signing mechanism"},
-        {"entry.was.signed.on", "entry was signed on {0}"},
-        {"Warning.", "Warning: "},
-        {"This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked.",
-                "This jar contains unsigned entries which have not been integrity-checked. "},
-        {"This.jar.contains.entries.whose.signer.certificate.has.expired.",
-                "This jar contains entries whose signer certificate has expired. "},
-        {"This.jar.contains.entries.whose.signer.certificate.will.expire.within.six.months.",
-                "This jar contains entries whose signer certificate will expire within six months. "},
-        {"This.jar.contains.entries.whose.signer.certificate.is.not.yet.valid.",
-                "This jar contains entries whose signer certificate is not yet valid. "},
-        {"Re.run.with.the.verbose.option.for.more.details.",
-                "Re-run with the -verbose option for more details."},
-        {"Re.run.with.the.verbose.and.certs.options.for.more.details.",
-                "Re-run with the -verbose and -certs options for more details."},
-        {"The.signer.certificate.has.expired.",
-                "The signer certificate has expired."},
-        {"The.signer.certificate.will.expire.within.six.months.",
-                "The signer certificate will expire within six months."},
-        {"The.signer.certificate.is.not.yet.valid.",
-                "The signer certificate is not yet valid."},
-        {"The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
-                 "The signer certificate's KeyUsage extension doesn't allow code signing."},
-        {"The.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
-                 "The signer certificate's ExtendedKeyUsage extension doesn't allow code signing."},
-        {"The.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
-                 "The signer certificate's NetscapeCertType extension doesn't allow code signing."},
-        {"This.jar.contains.entries.whose.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
-                 "This jar contains entries whose signer certificate's KeyUsage extension doesn't allow code signing."},
-        {"This.jar.contains.entries.whose.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
-                 "This jar contains entries whose signer certificate's ExtendedKeyUsage extension doesn't allow code signing."},
-        {"This.jar.contains.entries.whose.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
-                 "This jar contains entries whose signer certificate's NetscapeCertType extension doesn't allow code signing."},
-        {".{0}.extension.does.not.support.code.signing.",
-                 "[{0} extension does not support code signing]"},
-        {"The.signer.s.certificate.chain.is.not.validated.",
-                "The signer's certificate chain is not validated."},
-        {"This.jar.contains.entries.whose.certificate.chain.is.not.validated.",
-                 "This jar contains entries whose certificate chain is not validated."},
-    };
-
-    /**
-     * Returns the contents of this <code>ResourceBundle</code>.
-     *
-     * <p>
-     *
-     * @return the contents of this <code>ResourceBundle</code>.
-     */
-    public Object[][] getContents() {
-        return contents;
-    }
-}
--- a/jdk/src/share/classes/sun/security/tools/JarSignerResources_ja.java	Sat Oct 13 10:15:57 2012 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,240 +0,0 @@
-/*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.security.tools;
-
-/**
- * <p> This class represents the <code>ResourceBundle</code>
- * for JarSigner.
- *
- */
-public class JarSignerResources_ja extends java.util.ListResourceBundle {
-
-    private static final Object[][] contents = {
-
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-
-        {"provName.not.a.provider", "{0}\u306F\u30D7\u30ED\u30D0\u30A4\u30C0\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
-        {"signerClass.is.not.a.signing.mechanism", "{0}\u306F\u7F72\u540D\u30E1\u30AB\u30CB\u30BA\u30E0\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
-        {"jarsigner.error.", "jarsigner\u30A8\u30E9\u30FC: "},
-        {"Illegal.option.", "\u4E0D\u6B63\u306A\u30AA\u30D7\u30B7\u30E7\u30F3: "},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "-storetype\u304C{0}\u306E\u5834\u5408\u3001-keystore\u306FNONE\u3067\u3042\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
-        {".keypass.can.not.be.specified.if.storetype.is.{0}",
-                "-storetype\u304C{0}\u306E\u5834\u5408\u3001-keypass\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
-        {"If.protected.is.specified.then.storepass.and.keypass.must.not.be.specified",
-                "-protected\u3092\u6307\u5B9A\u3059\u308B\u5834\u5408\u306F\u3001-storepass\u304A\u3088\u3073-keypass\u3092\u6307\u5B9A\u3057\u306A\u3044\u3067\u304F\u3060\u3055\u3044"},
-        {"If.keystore.is.not.password.protected.then.storepass.and.keypass.must.not.be.specified",
-                 "\u30AD\u30FC\u30B9\u30C8\u30A2\u304C\u30D1\u30B9\u30EF\u30FC\u30C9\u3067\u4FDD\u8B77\u3055\u308C\u3066\u3044\u306A\u3044\u5834\u5408\u3001-storepass\u304A\u3088\u3073-keypass\u3092\u6307\u5B9A\u3057\u306A\u3044\u3067\u304F\u3060\u3055\u3044"},
-        {"Usage.jarsigner.options.jar.file.alias",
-                "\u4F7F\u7528\u65B9\u6CD5: jarsigner [options] jar-file alias"},
-        {".jarsigner.verify.options.jar.file.alias.",
-                "       jarsigner -verify [options] jar-file [alias...]"},
-        {".keystore.url.keystore.location",
-                "[-keystore <url>]       \u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u4F4D\u7F6E"},
-        {".storepass.password.password.for.keystore.integrity",
-            "[-storepass <password>]   \u30AD\u30FC\u30B9\u30C8\u30A2\u6574\u5408\u6027\u306E\u305F\u3081\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"},
-        {".storetype.type.keystore.type",
-                "[-storetype <type>]     \u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u578B"},
-        {".keypass.password.password.for.private.key.if.different.",
-                "[-keypass <password>]    \u79D8\u5BC6\u9375\u306E\u30D1\u30B9\u30EF\u30FC\u30C9(\u7570\u306A\u308B\u5834\u5408)"},
-        {".certchain.file.name.of.alternative.certchain.file",
-                "[-certchain <file>]         \u4EE3\u66FF\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u30FB\u30D5\u30A1\u30A4\u30EB\u306E\u540D\u524D"},
-        {".sigfile.file.name.of.SF.DSA.file",
-                "[-sigfile <file>]       .SF/.DSA\u30D5\u30A1\u30A4\u30EB\u306E\u540D\u524D"},
-        {".signedjar.file.name.of.signed.JAR.file",
-                "[-signedjar <file>]     \u7F72\u540D\u4ED8\u304DJAR\u30D5\u30A1\u30A4\u30EB\u306E\u540D\u524D"},
-        {".digestalg.algorithm.name.of.digest.algorithm",
-                "[-digestalg <algorithm>]  \u30C0\u30A4\u30B8\u30A7\u30B9\u30C8\u30FB\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\u306E\u540D\u524D"},
-        {".sigalg.algorithm.name.of.signature.algorithm",
-                "[-sigalg <algorithm>]    \u7F72\u540D\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\u306E\u540D\u524D"},
-        {".verify.verify.a.signed.JAR.file",
-                "[-verify]            \u7F72\u540D\u4ED8\u304DJAR\u30D5\u30A1\u30A4\u30EB\u306E\u691C\u8A3C"},
-        {".verbose.suboptions.verbose.output.when.signing.verifying.",
-                "[-verbose[:suboptions]]     \u7F72\u540D/\u691C\u8A3C\u6642\u306E\u8A73\u7D30\u51FA\u529B\u3002"},
-        {".suboptions.can.be.all.grouped.or.summary",
-                "                            \u30B5\u30D6\u30AA\u30D7\u30B7\u30E7\u30F3\u3068\u3057\u3066\u3001\u3059\u3079\u3066\u3001\u30B0\u30EB\u30FC\u30D7\u307E\u305F\u306F\u30B5\u30DE\u30EA\u30FC\u3092\u4F7F\u7528\u3067\u304D\u307E\u3059"},
-        {".certs.display.certificates.when.verbose.and.verifying",
-                "[-certs]             \u8A73\u7D30\u51FA\u529B\u304A\u3088\u3073\u691C\u8A3C\u6642\u306B\u8A3C\u660E\u66F8\u3092\u8868\u793A"},
-        {".tsa.url.location.of.the.Timestamping.Authority",
-                "[-tsa <url>]          \u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u5C40\u306E\u5834\u6240"},
-        {".tsacert.alias.public.key.certificate.for.Timestamping.Authority",
-                "[-tsacert <alias>]      \u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u5C40\u306E\u516C\u958B\u9375\u8A3C\u660E\u66F8"},
-        {".altsigner.class.class.name.of.an.alternative.signing.mechanism",
-                "[-altsigner <class>]     \u4EE3\u66FF\u7F72\u540D\u30E1\u30AB\u30CB\u30BA\u30E0\u306E\u30AF\u30E9\u30B9\u540D"},
-        {".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism",
-                "[-altsignerpath <pathlist>]\u4EE3\u66FF\u7F72\u540D\u30E1\u30AB\u30CB\u30BA\u30E0\u306E\u4F4D\u7F6E"},
-        {".internalsf.include.the.SF.file.inside.the.signature.block",
-                "[-internalsf]         \u7F72\u540D\u30D6\u30ED\u30C3\u30AF\u306B.SF\u30D5\u30A1\u30A4\u30EB\u3092\u542B\u3081\u308B"},
-        {".sectionsonly.don.t.compute.hash.of.entire.manifest",
-                "[-sectionsonly]        \u30DE\u30CB\u30D5\u30A7\u30B9\u30C8\u5168\u4F53\u306E\u30CF\u30C3\u30B7\u30E5\u306F\u8A08\u7B97\u3057\u306A\u3044"},
-        {".protected.keystore.has.protected.authentication.path",
-                "[-protected]          \u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u306F\u4FDD\u8B77\u3055\u308C\u305F\u8A8D\u8A3C\u30D1\u30B9\u304C\u3042\u308B"},
-        {".providerName.name.provider.name",
-                "[-providerName <name>]   \u30D7\u30ED\u30D0\u30A4\u30C0\u540D"},
-        {".providerClass.class.name.of.cryptographic.service.provider.s",
-                "[-providerClass <class>   \u6697\u53F7\u5316\u30B5\u30FC\u30D3\u30B9\u30FB\u30D7\u30ED\u30D0\u30A4\u30C0\u306E\u540D\u524D"},
-        {".providerArg.arg.master.class.file.and.constructor.argument",
-                "  [-providerArg <arg>]] ... \u30DE\u30B9\u30BF\u30FC\u30FB\u30AF\u30E9\u30B9\u30FB\u30D5\u30A1\u30A4\u30EB\u3068\u30B3\u30F3\u30B9\u30C8\u30E9\u30AF\u30BF\u306E\u5F15\u6570"},
-        {".strict.treat.warnings.as.errors",
-                "[-strict]                   \u8B66\u544A\u3092\u30A8\u30E9\u30FC\u3068\u3057\u3066\u51E6\u7406"},
-        {"Option.lacks.argument", "\u30AA\u30D7\u30B7\u30E7\u30F3\u306B\u5F15\u6570\u304C\u3042\u308A\u307E\u305B\u3093"},
-        {"Please.type.jarsigner.help.for.usage", "\u4F7F\u7528\u65B9\u6CD5\u306B\u3064\u3044\u3066\u306Fjarsigner -help\u3068\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {"Please.specify.jarfile.name", "jarfile\u540D\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {"Please.specify.alias.name", "\u5225\u540D\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {"Only.one.alias.can.be.specified", "\u5225\u540D\u306F1\u3064\u306E\u307F\u6307\u5B9A\u3067\u304D\u307E\u3059"},
-        {"This.jar.contains.signed.entries.which.is.not.signed.by.the.specified.alias.es.",
-                 "\u3053\u306Ejar\u306B\u542B\u307E\u308C\u308B\u7F72\u540D\u6E08\u30A8\u30F3\u30C8\u30EA\u306F\u3001\u6307\u5B9A\u3055\u308C\u305F\u5225\u540D\u306B\u3088\u3063\u3066\u7F72\u540D\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002"},
-        {"This.jar.contains.signed.entries.that.s.not.signed.by.alias.in.this.keystore.",
-                  "\u3053\u306Ejar\u306B\u542B\u307E\u308C\u308B\u7F72\u540D\u6E08\u30A8\u30F3\u30C8\u30EA\u306F\u3001\u3053\u306E\u30AD\u30FC\u30B9\u30C8\u30A2\u5185\u306E\u5225\u540D\u306B\u3088\u3063\u3066\u7F72\u540D\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002"},
-        {"s", "s"},
-        {"m", "m"},
-        {"k", "k"},
-        {"i", "i"},
-        {".and.d.more.", "(\u4ED6\u306B\u3082%d\u500B)"},
-        {".s.signature.was.verified.",
-                "  s=\u7F72\u540D\u304C\u691C\u8A3C\u3055\u308C\u307E\u3057\u305F "},
-        {".m.entry.is.listed.in.manifest",
-                "  m=\u30A8\u30F3\u30C8\u30EA\u304C\u30DE\u30CB\u30D5\u30A7\u30B9\u30C8\u5185\u306B\u30EA\u30B9\u30C8\u3055\u308C\u307E\u3059"},
-        {".k.at.least.one.certificate.was.found.in.keystore",
-                "  k=1\u3064\u4EE5\u4E0A\u306E\u8A3C\u660E\u66F8\u304C\u30AD\u30FC\u30B9\u30C8\u30A2\u3067\u691C\u51FA\u3055\u308C\u307E\u3057\u305F"},
-        {".i.at.least.one.certificate.was.found.in.identity.scope",
-                "  i=1\u3064\u4EE5\u4E0A\u306E\u8A3C\u660E\u66F8\u304C\u30A2\u30A4\u30C7\u30F3\u30C6\u30A3\u30C6\u30A3\u30FB\u30B9\u30B3\u30FC\u30D7\u3067\u691C\u51FA\u3055\u308C\u307E\u3057\u305F"},
-        {".X.not.signed.by.specified.alias.es.",
-                "  X =\u6307\u5B9A\u3057\u305F\u5225\u540D\u3067\u7F72\u540D\u3055\u308C\u3066\u3044\u307E\u305B\u3093"},
-        {"no.manifest.", "\u30DE\u30CB\u30D5\u30A7\u30B9\u30C8\u306F\u5B58\u5728\u3057\u307E\u305B\u3093\u3002"},
-        {".Signature.related.entries.","(\u7F72\u540D\u95A2\u9023\u30A8\u30F3\u30C8\u30EA)"},
-        {".Unsigned.entries.", "(\u672A\u7F72\u540D\u306E\u30A8\u30F3\u30C8\u30EA)"},
-        {"jar.is.unsigned.signatures.missing.or.not.parsable.",
-                "jar\u306F\u7F72\u540D\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002(\u7F72\u540D\u304C\u898B\u3064\u304B\u3089\u306A\u3044\u304B\u3001\u69CB\u6587\u89E3\u6790\u3067\u304D\u307E\u305B\u3093)"},
-        {"jar.verified.", "jar\u304C\u691C\u8A3C\u3055\u308C\u307E\u3057\u305F\u3002"},
-        {"jarsigner.", "jarsigner: "},
-        {"signature.filename.must.consist.of.the.following.characters.A.Z.0.9.or.",
-                "\u7F72\u540D\u306E\u30D5\u30A1\u30A4\u30EB\u540D\u306B\u4F7F\u7528\u3067\u304D\u308B\u6587\u5B57\u306F\u3001A-Z\u30010-9\u3001_\u3001- \u306E\u307F\u3067\u3059\u3002"},
-        {"unable.to.open.jar.file.", "\u6B21\u306Ejar\u30D5\u30A1\u30A4\u30EB\u3092\u958B\u304F\u3053\u3068\u304C\u3067\u304D\u307E\u305B\u3093: "},
-        {"unable.to.create.", "\u4F5C\u6210\u3067\u304D\u307E\u305B\u3093: "},
-        {".adding.", "   \u8FFD\u52A0\u4E2D: "},
-        {".updating.", " \u66F4\u65B0\u4E2D: "},
-        {".signing.", "  \u7F72\u540D\u4E2D: "},
-        {"attempt.to.rename.signedJarFile.to.jarFile.failed",
-                "{0}\u306E\u540D\u524D\u3092{1}\u306B\u5909\u66F4\u3057\u3088\u3046\u3068\u3057\u307E\u3057\u305F\u304C\u5931\u6557\u3057\u307E\u3057\u305F"},
-        {"attempt.to.rename.jarFile.to.origJar.failed",
-                "{0}\u306E\u540D\u524D\u3092{1}\u306B\u5909\u66F4\u3057\u3088\u3046\u3068\u3057\u307E\u3057\u305F\u304C\u5931\u6557\u3057\u307E\u3057\u305F"},
-        {"unable.to.sign.jar.", "jar\u306B\u7F72\u540D\u3067\u304D\u307E\u305B\u3093: "},
-        {"Enter.Passphrase.for.keystore.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044: "},
-        {"keystore.load.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30ED\u30FC\u30C9: "},
-        {"certificate.exception.", "\u8A3C\u660E\u66F8\u4F8B\u5916: "},
-        {"unable.to.instantiate.keystore.class.",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30AF\u30E9\u30B9\u306E\u30A4\u30F3\u30B9\u30BF\u30F3\u30B9\u3092\u751F\u6210\u3067\u304D\u307E\u305B\u3093: "},
-        {"Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and",
-                "\u6B21\u306E\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: {0}\u3002{1}\u306F\u3001\u79D8\u5BC6\u9375\u304A\u3088\u3073\u5BFE\u5FDC\u3059\u308B\u516C\u958B\u9375\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u3092\u542B\u3080\u6709\u52B9\u306AKeyStore\u9375\u30A8\u30F3\u30C8\u30EA\u3092\u53C2\u7167\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059\u3002"},
-        {"File.specified.by.certchain.does.not.exist",
-                "-certchain\u3067\u6307\u5B9A\u3055\u308C\u3066\u3044\u308B\u30D5\u30A1\u30A4\u30EB\u306F\u5B58\u5728\u3057\u307E\u305B\u3093"},
-        {"Cannot.restore.certchain.from.file.specified",
-                "\u6307\u5B9A\u3055\u308C\u305F\u30D5\u30A1\u30A4\u30EB\u304B\u3089\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u3092\u5FA9\u5143\u3067\u304D\u307E\u305B\u3093"},
-        {"Certificate.chain.not.found.in.the.file.specified.",
-                "\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u306F\u6307\u5B9A\u3055\u308C\u305F\u30D5\u30A1\u30A4\u30EB\u306B\u898B\u3064\u304B\u308A\u307E\u305B\u3093\u3002"},
-        {"found.non.X.509.certificate.in.signer.s.chain",
-                "\u7F72\u540D\u8005\u306E\u9023\u9396\u5185\u3067\u975EX.509\u8A3C\u660E\u66F8\u304C\u691C\u51FA\u3055\u308C\u307E\u3057\u305F"},
-        {"incomplete.certificate.chain", "\u4E0D\u5B8C\u5168\u306A\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3"},
-        {"Enter.key.password.for.alias.", "{0}\u306E\u9375\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044: "},
-        {"unable.to.recover.key.from.keystore",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u304B\u3089\u9375\u3092\u5FA9\u5143\u3067\u304D\u307E\u305B\u3093"},
-        {"key.associated.with.alias.not.a.private.key",
-                "{0}\u3068\u95A2\u9023\u4ED8\u3051\u3089\u308C\u305F\u9375\u306F\u3001\u79D8\u5BC6\u9375\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
-        {"you.must.enter.key.password", "\u9375\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
-        {"unable.to.read.password.", "\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u8AAD\u307F\u8FBC\u3081\u307E\u305B\u3093: "},
-        {"certificate.is.valid.from", "\u8A3C\u660E\u66F8\u306F{0}\u304B\u3089{1}\u307E\u3067\u6709\u52B9\u3067\u3059"},
-        {"certificate.expired.on", "\u8A3C\u660E\u66F8\u306F{0}\u306B\u5931\u52B9\u3057\u307E\u3057\u305F"},
-        {"certificate.is.not.valid.until",
-                "\u8A3C\u660E\u66F8\u306F{0}\u307E\u3067\u6709\u52B9\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
-        {"certificate.will.expire.on", "\u8A3C\u660E\u66F8\u306F{0}\u306B\u5931\u52B9\u3057\u307E\u3059"},
-        {".CertPath.not.validated.", "[CertPath\u304C\u691C\u8A3C\u3055\u308C\u3066\u3044\u307E\u305B\u3093: "},
-        {"requesting.a.signature.timestamp",
-                "\u7F72\u540D\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u306E\u30EA\u30AF\u30A8\u30B9\u30C8"},
-        {"TSA.location.", "TSA\u306E\u5834\u6240: "},
-        {"TSA.certificate.", "TSA\u8A3C\u660E\u66F8: "},
-        {"no.response.from.the.Timestamping.Authority.",
-                "\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u5C40\u304B\u3089\u306E\u30EC\u30B9\u30DD\u30F3\u30B9\u304C\u3042\u308A\u307E\u305B\u3093\u3002\u30D5\u30A1\u30A4\u30A2\u30A6\u30A9\u30FC\u30EB\u3092\u4ECB\u3057\u3066\u63A5\u7D9A\u3059\u308B\u3068\u304D\u306F\u3001\u5FC5\u8981\u306B\u5FDC\u3058\u3066HTTP\u307E\u305F\u306FHTTPS\u30D7\u30ED\u30AD\u30B7\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044\u3002jarsigner\u306B\u6B21\u306E\u30AA\u30D7\u30B7\u30E7\u30F3\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044:"},
-        {"or", "\u307E\u305F\u306F"},
-        {"Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the",
-                "\u8A3C\u660E\u66F8\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093\u3067\u3057\u305F: {0}\u3002{1}\u306F\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u5C40\u306EX.509\u516C\u958B\u9375\u8A3C\u660E\u66F8\u304C\u542B\u307E\u308C\u3066\u3044\u308B\u6709\u52B9\u306AKeyStore\u30A8\u30F3\u30C8\u30EA\u3092\u53C2\u7167\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059\u3002"},
-        {"using.an.alternative.signing.mechanism",
-                "\u4EE3\u66FF\u7F72\u540D\u30E1\u30AB\u30CB\u30BA\u30E0\u306E\u4F7F\u7528"},
-        {"entry.was.signed.on", "\u30A8\u30F3\u30C8\u30EA\u306F{0}\u306B\u7F72\u540D\u3055\u308C\u307E\u3057\u305F"},
-        {"Warning.", "\u8B66\u544A: "},
-        {"This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked.",
-                "\u3053\u306Ejar\u306B\u306F\u3001\u6574\u5408\u6027\u30C1\u30A7\u30C3\u30AF\u3092\u3057\u3066\u3044\u306A\u3044\u672A\u7F72\u540D\u306E\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002 "},
-        {"This.jar.contains.entries.whose.signer.certificate.has.expired.",
-                "\u3053\u306Ejar\u306B\u306F\u3001\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u304C\u671F\u9650\u5207\u308C\u306E\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002 "},
-        {"This.jar.contains.entries.whose.signer.certificate.will.expire.within.six.months.",
-                "\u3053\u306Ejar\u306B\u306F\u3001\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u304C6\u304B\u6708\u4EE5\u5185\u306B\u671F\u9650\u5207\u308C\u3068\u306A\u308B\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002 "},
-        {"This.jar.contains.entries.whose.signer.certificate.is.not.yet.valid.",
-                "\u3053\u306Ejar\u306B\u306F\u3001\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u304C\u307E\u3060\u6709\u52B9\u306B\u306A\u3063\u3066\u3044\u306A\u3044\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002 "},
-        {"Re.run.with.the.verbose.option.for.more.details.",
-                "\u8A73\u7D30\u306F\u3001-verbose\u30AA\u30D7\u30B7\u30E7\u30F3\u3092\u4F7F\u7528\u3057\u3066\u518D\u5B9F\u884C\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
-        {"Re.run.with.the.verbose.and.certs.options.for.more.details.",
-                "\u8A73\u7D30\u306F\u3001-verbose\u304A\u3088\u3073-certs\u30AA\u30D7\u30B7\u30E7\u30F3\u3092\u4F7F\u7528\u3057\u3066\u518D\u5B9F\u884C\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
-        {"The.signer.certificate.has.expired.",
-                "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u306F\u671F\u9650\u5207\u308C\u3067\u3059\u3002"},
-        {"The.signer.certificate.will.expire.within.six.months.",
-                "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u306F6\u304B\u6708\u4EE5\u5185\u306B\u671F\u9650\u5207\u308C\u306B\u306A\u308A\u307E\u3059\u3002"},
-        {"The.signer.certificate.is.not.yet.valid.",
-                "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u306F\u307E\u3060\u6709\u52B9\u306B\u306A\u3063\u3066\u3044\u307E\u305B\u3093\u3002"},
-        {"The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
-                 "\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306EKeyUsage\u62E1\u5F35\u6A5F\u80FD\u3067\u306F\u3001\u30B3\u30FC\u30C9\u7F72\u540D\u306F\u8A31\u53EF\u3055\u308C\u307E\u305B\u3093\u3002"},
-        {"The.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
-                 "\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306EExtendedKeyUsage\u62E1\u5F35\u6A5F\u80FD\u3067\u306F\u3001\u30B3\u30FC\u30C9\u7F72\u540D\u306F\u8A31\u53EF\u3055\u308C\u307E\u305B\u3093\u3002"},
-        {"The.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
-                 "\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306ENetscapeCertType\u62E1\u5F35\u6A5F\u80FD\u3067\u306F\u3001\u30B3\u30FC\u30C9\u7F72\u540D\u306F\u8A31\u53EF\u3055\u308C\u307E\u305B\u3093\u3002"},
-        {"This.jar.contains.entries.whose.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
-                 "\u3053\u306Ejar\u306B\u306F\u3001\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306EKeyUsage\u62E1\u5F35\u6A5F\u80FD\u304C\u30B3\u30FC\u30C9\u7F72\u540D\u3092\u8A31\u53EF\u3057\u306A\u3044\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002"},
-        {"This.jar.contains.entries.whose.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
-                 "\u3053\u306Ejar\u306B\u306F\u3001\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306EExtendedKeyUsage\u62E1\u5F35\u6A5F\u80FD\u304C\u30B3\u30FC\u30C9\u7F72\u540D\u3092\u8A31\u53EF\u3057\u306A\u3044\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002"},
-        {"This.jar.contains.entries.whose.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
-                 "\u3053\u306Ejar\u306B\u306F\u3001\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306ENetscapeCertType\u62E1\u5F35\u6A5F\u80FD\u304C\u30B3\u30FC\u30C9\u7F72\u540D\u3092\u8A31\u53EF\u3057\u306A\u3044\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002"},
-        {".{0}.extension.does.not.support.code.signing.",
-                 "[{0}\u62E1\u5F35\u6A5F\u80FD\u306F\u30B3\u30FC\u30C9\u7F72\u540D\u3092\u30B5\u30DD\u30FC\u30C8\u3057\u3066\u3044\u307E\u305B\u3093]"},
-        {"The.signer.s.certificate.chain.is.not.validated.",
-                "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u304C\u307E\u3060\u691C\u8A3C\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002"},
-        {"This.jar.contains.entries.whose.certificate.chain.is.not.validated.",
-                 "\u3053\u306Ejar\u306B\u306F\u3001\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u304C\u307E\u3060\u691C\u8A3C\u3055\u308C\u3066\u3044\u306A\u3044\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002"},
-    };
-
-    /**
-     * Returns the contents of this <code>ResourceBundle</code>.
-     *
-     * <p>
-     *
-     * @return the contents of this <code>ResourceBundle</code>.
-     */
-    public Object[][] getContents() {
-        return contents;
-    }
-}
--- a/jdk/src/share/classes/sun/security/tools/JarSignerResources_zh_CN.java	Sat Oct 13 10:15:57 2012 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,240 +0,0 @@
-/*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.security.tools;
-
-/**
- * <p> This class represents the <code>ResourceBundle</code>
- * for JarSigner.
- *
- */
-public class JarSignerResources_zh_CN extends java.util.ListResourceBundle {
-
-    private static final Object[][] contents = {
-
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-
-        {"provName.not.a.provider", "{0}\u4E0D\u662F\u63D0\u4F9B\u65B9"},
-        {"signerClass.is.not.a.signing.mechanism", "{0}\u4E0D\u662F\u7B7E\u540D\u673A\u5236"},
-        {"jarsigner.error.", "jarsigner \u9519\u8BEF: "},
-        {"Illegal.option.", "\u975E\u6CD5\u9009\u9879: "},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "\u5982\u679C -storetype \u4E3A {0}, \u5219 -keystore \u5FC5\u987B\u4E3A NONE"},
-        {".keypass.can.not.be.specified.if.storetype.is.{0}",
-                "\u5982\u679C -storetype \u4E3A {0}, \u5219\u4E0D\u80FD\u6307\u5B9A -keypass"},
-        {"If.protected.is.specified.then.storepass.and.keypass.must.not.be.specified",
-                "\u5982\u679C\u6307\u5B9A\u4E86 -protected, \u5219\u4E0D\u80FD\u6307\u5B9A -storepass \u548C -keypass"},
-        {"If.keystore.is.not.password.protected.then.storepass.and.keypass.must.not.be.specified",
-                 "\u5982\u679C\u5BC6\u94A5\u5E93\u672A\u53D7\u53E3\u4EE4\u4FDD\u62A4, \u5219\u4E0D\u80FD\u6307\u5B9A -storepass \u548C -keypass"},
-        {"Usage.jarsigner.options.jar.file.alias",
-                "\u7528\u6CD5: jarsigner [\u9009\u9879] jar\u6587\u4EF6 \u522B\u540D"},
-        {".jarsigner.verify.options.jar.file.alias.",
-                "       jarsigner -verify [\u9009\u9879] jar\u6587\u4EF6 [\u522B\u540D...]"},
-        {".keystore.url.keystore.location",
-                "[-keystore <url>]           \u5BC6\u94A5\u5E93\u4F4D\u7F6E"},
-        {".storepass.password.password.for.keystore.integrity",
-            "[-storepass <\u53E3\u4EE4>]         \u7528\u4E8E\u5BC6\u94A5\u5E93\u5B8C\u6574\u6027\u7684\u53E3\u4EE4"},
-        {".storetype.type.keystore.type",
-                "[-storetype <\u7C7B\u578B>]         \u5BC6\u94A5\u5E93\u7C7B\u578B"},
-        {".keypass.password.password.for.private.key.if.different.",
-                "[-keypass <\u53E3\u4EE4>]           \u79C1\u6709\u5BC6\u94A5\u7684\u53E3\u4EE4 (\u5982\u679C\u4E0D\u540C)"},
-        {".certchain.file.name.of.alternative.certchain.file",
-                "[-certchain <\u6587\u4EF6>]         \u66FF\u4EE3\u8BC1\u4E66\u94FE\u6587\u4EF6\u7684\u540D\u79F0"},
-        {".sigfile.file.name.of.SF.DSA.file",
-                "[-sigfile <\u6587\u4EF6>]           .SF/.DSA \u6587\u4EF6\u7684\u540D\u79F0"},
-        {".signedjar.file.name.of.signed.JAR.file",
-                "[-signedjar <\u6587\u4EF6>]         \u5DF2\u7B7E\u540D\u7684 JAR \u6587\u4EF6\u7684\u540D\u79F0"},
-        {".digestalg.algorithm.name.of.digest.algorithm",
-                "[-digestalg <\u7B97\u6CD5>]    \u6458\u8981\u7B97\u6CD5\u7684\u540D\u79F0"},
-        {".sigalg.algorithm.name.of.signature.algorithm",
-                "[-sigalg <\u7B97\u6CD5>]       \u7B7E\u540D\u7B97\u6CD5\u7684\u540D\u79F0"},
-        {".verify.verify.a.signed.JAR.file",
-                "[-verify]                   \u9A8C\u8BC1\u5DF2\u7B7E\u540D\u7684 JAR \u6587\u4EF6"},
-        {".verbose.suboptions.verbose.output.when.signing.verifying.",
-                "[-verbose[:\u5B50\u9009\u9879]]     \u7B7E\u540D/\u9A8C\u8BC1\u65F6\u8F93\u51FA\u8BE6\u7EC6\u4FE1\u606F\u3002"},
-        {".suboptions.can.be.all.grouped.or.summary",
-                "                            \u5B50\u9009\u9879\u53EF\u4EE5\u662F all, grouped \u6216 summary"},
-        {".certs.display.certificates.when.verbose.and.verifying",
-                "[-certs]                    \u8F93\u51FA\u8BE6\u7EC6\u4FE1\u606F\u548C\u9A8C\u8BC1\u65F6\u663E\u793A\u8BC1\u4E66"},
-        {".tsa.url.location.of.the.Timestamping.Authority",
-                "[-tsa <url>]                \u65F6\u95F4\u6233\u9881\u53D1\u673A\u6784\u7684\u4F4D\u7F6E"},
-        {".tsacert.alias.public.key.certificate.for.Timestamping.Authority",
-                "[-tsacert <\u522B\u540D>]           \u65F6\u95F4\u6233\u9881\u53D1\u673A\u6784\u7684\u516C\u5171\u5BC6\u94A5\u8BC1\u4E66"},
-        {".altsigner.class.class.name.of.an.alternative.signing.mechanism",
-                "[-altsigner <\u7C7B>]           \u66FF\u4EE3\u7684\u7B7E\u540D\u673A\u5236\u7684\u7C7B\u540D"},
-        {".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism",
-                "[-altsignerpath <\u8DEF\u5F84\u5217\u8868>] \u66FF\u4EE3\u7684\u7B7E\u540D\u673A\u5236\u7684\u4F4D\u7F6E"},
-        {".internalsf.include.the.SF.file.inside.the.signature.block",
-                "[-internalsf]               \u5728\u7B7E\u540D\u5757\u5185\u5305\u542B .SF \u6587\u4EF6"},
-        {".sectionsonly.don.t.compute.hash.of.entire.manifest",
-                "[-sectionsonly]             \u4E0D\u8BA1\u7B97\u6574\u4E2A\u6E05\u5355\u7684\u6563\u5217"},
-        {".protected.keystore.has.protected.authentication.path",
-                "[-protected]                \u5BC6\u94A5\u5E93\u5177\u6709\u53D7\u4FDD\u62A4\u9A8C\u8BC1\u8DEF\u5F84"},
-        {".providerName.name.provider.name",
-                "[-providerName <\u540D\u79F0>]      \u63D0\u4F9B\u65B9\u540D\u79F0"},
-        {".providerClass.class.name.of.cryptographic.service.provider.s",
-                "[-providerClass <\u7C7B>        \u52A0\u5BC6\u670D\u52A1\u63D0\u4F9B\u65B9\u7684\u540D\u79F0"},
-        {".providerArg.arg.master.class.file.and.constructor.argument",
-                "  [-providerArg <\u53C2\u6570>]]... \u4E3B\u7C7B\u6587\u4EF6\u548C\u6784\u9020\u5668\u53C2\u6570"},
-        {".strict.treat.warnings.as.errors",
-                "[-strict]                   \u5C06\u8B66\u544A\u89C6\u4E3A\u9519\u8BEF"},
-        {"Option.lacks.argument", "\u9009\u9879\u7F3A\u5C11\u53C2\u6570"},
-        {"Please.type.jarsigner.help.for.usage", "\u8BF7\u952E\u5165 jarsigner -help \u4EE5\u4E86\u89E3\u7528\u6CD5"},
-        {"Please.specify.jarfile.name", "\u8BF7\u6307\u5B9A jar \u6587\u4EF6\u7684\u540D\u79F0"},
-        {"Please.specify.alias.name", "\u8BF7\u6307\u5B9A\u522B\u540D"},
-        {"Only.one.alias.can.be.specified", "\u53EA\u80FD\u6307\u5B9A\u4E00\u4E2A\u522B\u540D"},
-        {"This.jar.contains.signed.entries.which.is.not.signed.by.the.specified.alias.es.",
-                 "\u6B64 jar \u5305\u542B\u672A\u7531\u6307\u5B9A\u522B\u540D\u7B7E\u540D\u7684\u5DF2\u7B7E\u540D\u6761\u76EE\u3002"},
-        {"This.jar.contains.signed.entries.that.s.not.signed.by.alias.in.this.keystore.",
-                  "\u6B64 jar \u5305\u542B\u672A\u7531\u6B64\u5BC6\u94A5\u5E93\u4E2D\u7684\u522B\u540D\u7B7E\u540D\u7684\u5DF2\u7B7E\u540D\u6761\u76EE\u3002"},
-        {"s", "s"},
-        {"m", "m"},
-        {"k", "k"},
-        {"i", "i"},
-        {".and.d.more.", "(%d \u53CA\u4EE5\u4E0A)"},
-        {".s.signature.was.verified.",
-                "  s = \u5DF2\u9A8C\u8BC1\u7B7E\u540D "},
-        {".m.entry.is.listed.in.manifest",
-                "  m = \u5728\u6E05\u5355\u4E2D\u5217\u51FA\u6761\u76EE"},
-        {".k.at.least.one.certificate.was.found.in.keystore",
-                "  k = \u5728\u5BC6\u94A5\u5E93\u4E2D\u81F3\u5C11\u627E\u5230\u4E86\u4E00\u4E2A\u8BC1\u4E66"},
-        {".i.at.least.one.certificate.was.found.in.identity.scope",
-                "  i = \u5728\u8EAB\u4EFD\u4F5C\u7528\u57DF\u5185\u81F3\u5C11\u627E\u5230\u4E86\u4E00\u4E2A\u8BC1\u4E66"},
-        {".X.not.signed.by.specified.alias.es.",
-                "  X = \u672A\u7531\u6307\u5B9A\u522B\u540D\u7B7E\u540D"},
-        {"no.manifest.", "\u6CA1\u6709\u6E05\u5355\u3002"},
-        {".Signature.related.entries.","(\u4E0E\u7B7E\u540D\u76F8\u5173\u7684\u6761\u76EE)"},
-        {".Unsigned.entries.", "(\u672A\u7B7E\u540D\u6761\u76EE)"},
-        {"jar.is.unsigned.signatures.missing.or.not.parsable.",
-                "jar \u672A\u7B7E\u540D\u3002(\u7F3A\u5C11\u7B7E\u540D\u6216\u65E0\u6CD5\u5BF9\u7B7E\u540D\u8FDB\u884C\u8BED\u6CD5\u5206\u6790)"},
-        {"jar.verified.", "jar \u5DF2\u9A8C\u8BC1\u3002"},
-        {"jarsigner.", "jarsigner: "},
-        {"signature.filename.must.consist.of.the.following.characters.A.Z.0.9.or.",
-                "\u7B7E\u540D\u6587\u4EF6\u540D\u5FC5\u987B\u5305\u542B\u4EE5\u4E0B\u5B57\u7B26: A-Z, 0-9, _ \u6216 -"},
-        {"unable.to.open.jar.file.", "\u65E0\u6CD5\u6253\u5F00 jar \u6587\u4EF6: "},
-        {"unable.to.create.", "\u65E0\u6CD5\u521B\u5EFA: "},
-        {".adding.", "   \u6B63\u5728\u6DFB\u52A0: "},
-        {".updating.", " \u6B63\u5728\u66F4\u65B0: "},
-        {".signing.", "  \u6B63\u5728\u7B7E\u540D: "},
-        {"attempt.to.rename.signedJarFile.to.jarFile.failed",
-                "\u5C1D\u8BD5\u5C06{0}\u91CD\u547D\u540D\u4E3A{1}\u65F6\u5931\u8D25"},
-        {"attempt.to.rename.jarFile.to.origJar.failed",
-                "\u5C1D\u8BD5\u5C06{0}\u91CD\u547D\u540D\u4E3A{1}\u65F6\u5931\u8D25"},
-        {"unable.to.sign.jar.", "\u65E0\u6CD5\u5BF9 jar \u8FDB\u884C\u7B7E\u540D: "},
-        {"Enter.Passphrase.for.keystore.", "\u8F93\u5165\u5BC6\u94A5\u5E93\u7684\u5BC6\u7801\u77ED\u8BED: "},
-        {"keystore.load.", "\u5BC6\u94A5\u5E93\u52A0\u8F7D: "},
-        {"certificate.exception.", "\u8BC1\u4E66\u5F02\u5E38\u9519\u8BEF: "},
-        {"unable.to.instantiate.keystore.class.",
-                "\u65E0\u6CD5\u5B9E\u4F8B\u5316\u5BC6\u94A5\u5E93\u7C7B: "},
-        {"Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and",
-                "\u627E\u4E0D\u5230{0}\u7684\u8BC1\u4E66\u94FE\u3002{1}\u5FC5\u987B\u5F15\u7528\u5305\u542B\u79C1\u6709\u5BC6\u94A5\u548C\u76F8\u5E94\u7684\u516C\u5171\u5BC6\u94A5\u8BC1\u4E66\u94FE\u7684\u6709\u6548 KeyStore \u5BC6\u94A5\u6761\u76EE\u3002"},
-        {"File.specified.by.certchain.does.not.exist",
-                "\u7531 -certchain \u6307\u5B9A\u7684\u6587\u4EF6\u4E0D\u5B58\u5728"},
-        {"Cannot.restore.certchain.from.file.specified",
-                "\u65E0\u6CD5\u4ECE\u6307\u5B9A\u7684\u6587\u4EF6\u8FD8\u539F\u8BC1\u4E66\u94FE"},
-        {"Certificate.chain.not.found.in.the.file.specified.",
-                "\u5728\u6307\u5B9A\u7684\u6587\u4EF6\u4E2D\u627E\u4E0D\u5230\u8BC1\u4E66\u94FE\u3002"},
-        {"found.non.X.509.certificate.in.signer.s.chain",
-                "\u5728\u7B7E\u540D\u8005\u7684\u94FE\u4E2D\u627E\u5230\u975E X.509 \u8BC1\u4E66"},
-        {"incomplete.certificate.chain", "\u8BC1\u4E66\u94FE\u4E0D\u5B8C\u6574"},
-        {"Enter.key.password.for.alias.", "\u8F93\u5165{0}\u7684\u5BC6\u94A5\u53E3\u4EE4: "},
-        {"unable.to.recover.key.from.keystore",
-                "\u65E0\u6CD5\u4ECE\u5BC6\u94A5\u5E93\u4E2D\u6062\u590D\u5BC6\u94A5"},
-        {"key.associated.with.alias.not.a.private.key",
-                "\u4E0E{0}\u5173\u8054\u7684\u5BC6\u94A5\u4E0D\u662F\u79C1\u6709\u5BC6\u94A5"},
-        {"you.must.enter.key.password", "\u5FC5\u987B\u8F93\u5165\u5BC6\u94A5\u53E3\u4EE4"},
-        {"unable.to.read.password.", "\u65E0\u6CD5\u8BFB\u53D6\u53E3\u4EE4: "},
-        {"certificate.is.valid.from", "\u8BC1\u4E66\u7684\u6709\u6548\u671F\u4E3A{0}\u81F3{1}"},
-        {"certificate.expired.on", "\u8BC1\u4E66\u5230\u671F\u65E5\u671F\u4E3A {0}"},
-        {"certificate.is.not.valid.until",
-                "\u76F4\u5230{0}, \u8BC1\u4E66\u624D\u6709\u6548"},
-        {"certificate.will.expire.on", "\u8BC1\u4E66\u5C06\u5728{0}\u5230\u671F"},
-        {".CertPath.not.validated.", "[CertPath \u672A\u9A8C\u8BC1: "},
-        {"requesting.a.signature.timestamp",
-                "\u6B63\u5728\u8BF7\u6C42\u7B7E\u540D\u65F6\u95F4\u6233"},
-        {"TSA.location.", "TSA \u4F4D\u7F6E: "},
-        {"TSA.certificate.", "TSA \u8BC1\u4E66: "},
-        {"no.response.from.the.Timestamping.Authority.",
-                "\u65F6\u95F4\u6233\u9881\u53D1\u673A\u6784\u6CA1\u6709\u54CD\u5E94\u3002\u5982\u679C\u8981\u4ECE\u9632\u706B\u5899\u540E\u9762\u8FDE\u63A5, \u5219\u53EF\u80FD\u9700\u8981\u6307\u5B9A HTTP \u6216 HTTPS \u4EE3\u7406\u3002\u8BF7\u4E3A jarsigner \u63D0\u4F9B\u4EE5\u4E0B\u9009\u9879: "},
-        {"or", "\u6216"},
-        {"Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the",
-                "\u627E\u4E0D\u5230{0}\u7684\u8BC1\u4E66\u3002{1}\u5FC5\u987B\u5F15\u7528\u5305\u542B\u65F6\u95F4\u6233\u9881\u53D1\u673A\u6784\u7684 X.509 \u516C\u5171\u5BC6\u94A5\u8BC1\u4E66\u7684\u6709\u6548 KeyStore \u6761\u76EE\u3002"},
-        {"using.an.alternative.signing.mechanism",
-                "\u6B63\u5728\u4F7F\u7528\u66FF\u4EE3\u7684\u7B7E\u540D\u673A\u5236"},
-        {"entry.was.signed.on", "\u6761\u76EE\u7684\u7B7E\u540D\u65E5\u671F\u4E3A {0}"},
-        {"Warning.", "\u8B66\u544A: "},
-        {"This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked.",
-                "\u6B64 jar \u5305\u542B\u5C1A\u672A\u8FDB\u884C\u5B8C\u6574\u6027\u68C0\u67E5\u7684\u672A\u7B7E\u540D\u6761\u76EE\u3002 "},
-        {"This.jar.contains.entries.whose.signer.certificate.has.expired.",
-                "\u6B64 jar \u5305\u542B\u7B7E\u540D\u8005\u8BC1\u4E66\u5DF2\u8FC7\u671F\u7684\u6761\u76EE\u3002 "},
-        {"This.jar.contains.entries.whose.signer.certificate.will.expire.within.six.months.",
-                "\u6B64 jar \u5305\u542B\u7B7E\u540D\u8005\u8BC1\u4E66\u5C06\u5728\u516D\u4E2A\u6708\u5185\u8FC7\u671F\u7684\u6761\u76EE\u3002 "},
-        {"This.jar.contains.entries.whose.signer.certificate.is.not.yet.valid.",
-                "\u6B64 jar \u5305\u542B\u7B7E\u540D\u8005\u8BC1\u4E66\u4ECD\u65E0\u6548\u7684\u6761\u76EE\u3002 "},
-        {"Re.run.with.the.verbose.option.for.more.details.",
-                "\u6709\u5173\u8BE6\u7EC6\u4FE1\u606F, \u8BF7\u4F7F\u7528 -verbose \u9009\u9879\u91CD\u65B0\u8FD0\u884C\u3002"},
-        {"Re.run.with.the.verbose.and.certs.options.for.more.details.",
-                "\u6709\u5173\u8BE6\u7EC6\u4FE1\u606F, \u8BF7\u4F7F\u7528 -verbose \u548C -certs \u9009\u9879\u91CD\u65B0\u8FD0\u884C\u3002"},
-        {"The.signer.certificate.has.expired.",
-                "\u7B7E\u540D\u8005\u8BC1\u4E66\u5DF2\u8FC7\u671F\u3002"},
-        {"The.signer.certificate.will.expire.within.six.months.",
-                "\u7B7E\u540D\u8005\u8BC1\u4E66\u5C06\u5728\u516D\u4E2A\u6708\u5185\u8FC7\u671F\u3002"},
-        {"The.signer.certificate.is.not.yet.valid.",
-                "\u7B7E\u540D\u8005\u8BC1\u4E66\u4ECD\u65E0\u6548\u3002"},
-        {"The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
-                 "\u7531\u4E8E\u7B7E\u540D\u8005\u8BC1\u4E66\u7684 KeyUsage \u6269\u5C55\u800C\u65E0\u6CD5\u8FDB\u884C\u4EE3\u7801\u7B7E\u540D\u3002"},
-        {"The.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
-                 "\u7531\u4E8E\u7B7E\u540D\u8005\u8BC1\u4E66\u7684 ExtendedKeyUsage \u6269\u5C55\u800C\u65E0\u6CD5\u8FDB\u884C\u4EE3\u7801\u7B7E\u540D\u3002"},
-        {"The.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
-                 "\u7531\u4E8E\u7B7E\u540D\u8005\u8BC1\u4E66\u7684 NetscapeCertType \u6269\u5C55\u800C\u65E0\u6CD5\u8FDB\u884C\u4EE3\u7801\u7B7E\u540D\u3002"},
-        {"This.jar.contains.entries.whose.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
-                 "\u6B64 jar \u5305\u542B\u7531\u4E8E\u7B7E\u540D\u8005\u8BC1\u4E66\u7684 KeyUsage \u6269\u5C55\u800C\u65E0\u6CD5\u8FDB\u884C\u4EE3\u7801\u7B7E\u540D\u7684\u6761\u76EE\u3002"},
-        {"This.jar.contains.entries.whose.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
-                 "\u6B64 jar \u5305\u542B\u7531\u4E8E\u7B7E\u540D\u8005\u8BC1\u4E66\u7684 ExtendedKeyUsage \u6269\u5C55\u800C\u65E0\u6CD5\u8FDB\u884C\u4EE3\u7801\u7B7E\u540D\u7684\u6761\u76EE\u3002"},
-        {"This.jar.contains.entries.whose.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
-                 "\u6B64 jar \u5305\u542B\u7531\u4E8E\u7B7E\u540D\u8005\u8BC1\u4E66\u7684 NetscapeCertType \u6269\u5C55\u800C\u65E0\u6CD5\u8FDB\u884C\u4EE3\u7801\u7B7E\u540D\u7684\u6761\u76EE\u3002"},
-        {".{0}.extension.does.not.support.code.signing.",
-                 "[{0} \u6269\u5C55\u4E0D\u652F\u6301\u4EE3\u7801\u7B7E\u540D]"},
-        {"The.signer.s.certificate.chain.is.not.validated.",
-                "\u7B7E\u540D\u8005\u7684\u8BC1\u4E66\u94FE\u672A\u9A8C\u8BC1\u3002"},
-        {"This.jar.contains.entries.whose.certificate.chain.is.not.validated.",
-                 "\u6B64 jar \u5305\u542B\u8BC1\u4E66\u94FE\u672A\u9A8C\u8BC1\u7684\u6761\u76EE\u3002"},
-    };
-
-    /**
-     * Returns the contents of this <code>ResourceBundle</code>.
-     *
-     * <p>
-     *
-     * @return the contents of this <code>ResourceBundle</code>.
-     */
-    public Object[][] getContents() {
-        return contents;
-    }
-}
--- a/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/tools/KeyStoreUtil.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,18 @@
 
 package sun.security.tools;
 
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStreamReader;
+
+import java.net.URL;
+
+import java.security.KeyStore;
+
+import java.text.Collator;
+
 import java.util.Locale;
 
 /**
@@ -34,18 +46,17 @@
  */
 public class KeyStoreUtil {
 
-    // Class and methods marked as public so that they can be
-    // accessed by JarSigner, which although lies in a package
-    // with the same name, but bundled in tools.jar and loaded
-    // by another class loader, hence in a different *runtime*
-    // package.
-    //
-    // See JVM Spec, 5.3 and 5.4.4
-
     private KeyStoreUtil() {
         // this class is not meant to be instantiated
     }
 
+    private static final String JKS = "jks";
+
+    private static final Collator collator = Collator.getInstance();
+    static {
+        // this is for case insensitive string comparisons
+        collator.setStrength(Collator.PRIMARY);
+    };
 
     /**
      * Returns true if KeyStore has a password. This is true except for
@@ -68,4 +79,76 @@
             return storetype.toUpperCase(Locale.ENGLISH);
         }
     }
+
+    /**
+     * Returns the keystore with the configured CA certificates.
+     */
+    public static KeyStore getCacertsKeyStore()
+        throws Exception
+    {
+        String sep = File.separator;
+        File file = new File(System.getProperty("java.home") + sep
+                             + "lib" + sep + "security" + sep
+                             + "cacerts");
+        if (!file.exists()) {
+            return null;
+        }
+        KeyStore caks = null;
+        try (FileInputStream fis = new FileInputStream(file)) {
+            caks = KeyStore.getInstance(JKS);
+            caks.load(fis, null);
+        }
+        return caks;
+    }
+
+    public static char[] getPassWithModifier(String modifier, String arg,
+                                             java.util.ResourceBundle rb) {
+        if (modifier == null) {
+            return arg.toCharArray();
+        } else if (collator.compare(modifier, "env") == 0) {
+            String value = System.getenv(arg);
+            if (value == null) {
+                System.err.println(rb.getString(
+                        "Cannot.find.environment.variable.") + arg);
+                return null;
+            } else {
+                return value.toCharArray();
+            }
+        } else if (collator.compare(modifier, "file") == 0) {
+            try {
+                URL url = null;
+                try {
+                    url = new URL(arg);
+                } catch (java.net.MalformedURLException mue) {
+                    File f = new File(arg);
+                    if (f.exists()) {
+                        url = f.toURI().toURL();
+                    } else {
+                        System.err.println(rb.getString(
+                                "Cannot.find.file.") + arg);
+                        return null;
+                    }
+                }
+
+                try (BufferedReader br =
+                     new BufferedReader(new InputStreamReader(
+                         url.openStream()))) {
+                    String value = br.readLine();
+
+                    if (value == null) {
+                        return new char[0];
+                    }
+
+                    return value.toCharArray();
+                }
+            } catch (IOException ioe) {
+                System.err.println(ioe);
+                return null;
+            }
+        } else {
+            System.err.println(rb.getString("Unknown.password.type.") +
+                    modifier);
+            return null;
+        }
+    }
 }
--- a/jdk/src/share/classes/sun/security/tools/KeyTool.java	Sat Oct 13 10:15:57 2012 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,4147 +0,0 @@
-/*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.security.tools;
-
-import java.io.*;
-import java.security.CodeSigner;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.MessageDigest;
-import java.security.Key;
-import java.security.PublicKey;
-import java.security.PrivateKey;
-import java.security.Security;
-import java.security.Signature;
-import java.security.Timestamp;
-import java.security.UnrecoverableEntryException;
-import java.security.UnrecoverableKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.Principal;
-import java.security.Provider;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CertStoreException;
-import java.security.cert.CRL;
-import java.security.cert.X509Certificate;
-import java.security.cert.CertificateException;
-import java.text.Collator;
-import java.text.MessageFormat;
-import java.util.*;
-import java.util.jar.JarEntry;
-import java.util.jar.JarFile;
-import java.lang.reflect.Constructor;
-import java.math.BigInteger;
-import java.net.URI;
-import java.net.URL;
-import java.net.URLClassLoader;
-import java.security.cert.CertStore;
-
-import java.security.cert.X509CRL;
-import java.security.cert.X509CRLEntry;
-import java.security.cert.X509CRLSelector;
-import javax.security.auth.x500.X500Principal;
-import sun.misc.BASE64Encoder;
-import sun.security.util.ObjectIdentifier;
-import sun.security.pkcs10.PKCS10;
-import sun.security.pkcs10.PKCS10Attribute;
-import sun.security.provider.X509Factory;
-import sun.security.provider.certpath.CertStoreHelper;
-import sun.security.util.Password;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-
-import sun.misc.BASE64Decoder;
-import sun.security.pkcs.PKCS9Attribute;
-import sun.security.util.DerValue;
-import sun.security.x509.*;
-
-import static java.security.KeyStore.*;
-import static sun.security.tools.KeyTool.Command.*;
-import static sun.security.tools.KeyTool.Option.*;
-
-/**
- * This tool manages keystores.
- *
- * @author Jan Luehe
- *
- *
- * @see java.security.KeyStore
- * @see sun.security.provider.KeyProtector
- * @see sun.security.provider.JavaKeyStore
- *
- * @since 1.2
- */
-public final class KeyTool {
-
-    private boolean debug = false;
-    private Command command = null;
-    private String sigAlgName = null;
-    private String keyAlgName = null;
-    private boolean verbose = false;
-    private int keysize = -1;
-    private boolean rfc = false;
-    private long validity = (long)90;
-    private String alias = null;
-    private String dname = null;
-    private String dest = null;
-    private String filename = null;
-    private String infilename = null;
-    private String outfilename = null;
-    private String srcksfname = null;
-
-    // User-specified providers are added before any command is called.
-    // However, they are not removed before the end of the main() method.
-    // If you're calling KeyTool.main() directly in your own Java program,
-    // please programtically add any providers you need and do not specify
-    // them through the command line.
-
-    private Set<Pair <String, String>> providers = null;
-    private String storetype = null;
-    private String srcProviderName = null;
-    private String providerName = null;
-    private String pathlist = null;
-    private char[] storePass = null;
-    private char[] storePassNew = null;
-    private char[] keyPass = null;
-    private char[] keyPassNew = null;
-    private char[] newPass = null;
-    private char[] destKeyPass = null;
-    private char[] srckeyPass = null;
-    private String ksfname = null;
-    private File ksfile = null;
-    private InputStream ksStream = null; // keystore stream
-    private String sslserver = null;
-    private String jarfile = null;
-    private KeyStore keyStore = null;
-    private boolean token = false;
-    private boolean nullStream = false;
-    private boolean kssave = false;
-    private boolean noprompt = false;
-    private boolean trustcacerts = false;
-    private boolean protectedPath = false;
-    private boolean srcprotectedPath = false;
-    private CertificateFactory cf = null;
-    private KeyStore caks = null; // "cacerts" keystore
-    private char[] srcstorePass = null;
-    private String srcstoretype = null;
-    private Set<char[]> passwords = new HashSet<>();
-    private String startDate = null;
-
-    private List<String> ids = new ArrayList<>();   // used in GENCRL
-    private List<String> v3ext = new ArrayList<>();
-
-    enum Command {
-        CERTREQ("Generates.a.certificate.request",
-            ALIAS, SIGALG, FILEOUT, KEYPASS, KEYSTORE, DNAME,
-            STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
-            PROVIDERARG, PROVIDERPATH, V, PROTECTED),
-        CHANGEALIAS("Changes.an.entry.s.alias",
-            ALIAS, DESTALIAS, KEYPASS, KEYSTORE, STOREPASS,
-            STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
-            PROVIDERPATH, V, PROTECTED),
-        DELETE("Deletes.an.entry",
-            ALIAS, KEYSTORE, STOREPASS, STORETYPE,
-            PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
-            PROVIDERPATH, V, PROTECTED),
-        EXPORTCERT("Exports.certificate",
-            RFC, ALIAS, FILEOUT, KEYSTORE, STOREPASS,
-            STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
-            PROVIDERPATH, V, PROTECTED),
-        GENKEYPAIR("Generates.a.key.pair",
-            ALIAS, KEYALG, KEYSIZE, SIGALG, DESTALIAS, DNAME,
-            STARTDATE, EXT, VALIDITY, KEYPASS, KEYSTORE,
-            STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
-            PROVIDERARG, PROVIDERPATH, V, PROTECTED),
-        GENSECKEY("Generates.a.secret.key",
-            ALIAS, KEYPASS, KEYALG, KEYSIZE, KEYSTORE,
-            STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
-            PROVIDERARG, PROVIDERPATH, V, PROTECTED),
-        GENCERT("Generates.certificate.from.a.certificate.request",
-            RFC, INFILE, OUTFILE, ALIAS, SIGALG, DNAME,
-            STARTDATE, EXT, VALIDITY, KEYPASS, KEYSTORE,
-            STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
-            PROVIDERARG, PROVIDERPATH, V, PROTECTED),
-        IMPORTCERT("Imports.a.certificate.or.a.certificate.chain",
-            NOPROMPT, TRUSTCACERTS, PROTECTED, ALIAS, FILEIN,
-            KEYPASS, KEYSTORE, STOREPASS, STORETYPE,
-            PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
-            PROVIDERPATH, V),
-        IMPORTKEYSTORE("Imports.one.or.all.entries.from.another.keystore",
-            SRCKEYSTORE, DESTKEYSTORE, SRCSTORETYPE,
-            DESTSTORETYPE, SRCSTOREPASS, DESTSTOREPASS,
-            SRCPROTECTED, SRCPROVIDERNAME, DESTPROVIDERNAME,
-            SRCALIAS, DESTALIAS, SRCKEYPASS, DESTKEYPASS,
-            NOPROMPT, PROVIDERCLASS, PROVIDERARG, PROVIDERPATH,
-            V),
-        KEYPASSWD("Changes.the.key.password.of.an.entry",
-            ALIAS, KEYPASS, NEW, KEYSTORE, STOREPASS,
-            STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
-            PROVIDERPATH, V),
-        LIST("Lists.entries.in.a.keystore",
-            RFC, ALIAS, KEYSTORE, STOREPASS, STORETYPE,
-            PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
-            PROVIDERPATH, V, PROTECTED),
-        PRINTCERT("Prints.the.content.of.a.certificate",
-            RFC, FILEIN, SSLSERVER, JARFILE, V),
-        PRINTCERTREQ("Prints.the.content.of.a.certificate.request",
-            FILEIN, V),
-        PRINTCRL("Prints.the.content.of.a.CRL.file",
-            FILEIN, V),
-        STOREPASSWD("Changes.the.store.password.of.a.keystore",
-            NEW, KEYSTORE, STOREPASS, STORETYPE, PROVIDERNAME,
-            PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V),
-
-        // Undocumented start here, KEYCLONE is used a marker in -help;
-
-        KEYCLONE("Clones.a.key.entry",
-            ALIAS, DESTALIAS, KEYPASS, NEW, STORETYPE,
-            KEYSTORE, STOREPASS, PROVIDERNAME, PROVIDERCLASS,
-            PROVIDERARG, PROVIDERPATH, V),
-        SELFCERT("Generates.a.self.signed.certificate",
-            ALIAS, SIGALG, DNAME, STARTDATE, VALIDITY, KEYPASS,
-            STORETYPE, KEYSTORE, STOREPASS, PROVIDERNAME,
-            PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V),
-        GENCRL("Generates.CRL",
-            RFC, FILEOUT, ID,
-            ALIAS, SIGALG, EXT, KEYPASS, KEYSTORE,
-            STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
-            PROVIDERARG, PROVIDERPATH, V, PROTECTED),
-        IDENTITYDB("Imports.entries.from.a.JDK.1.1.x.style.identity.database",
-            FILEIN, STORETYPE, KEYSTORE, STOREPASS, PROVIDERNAME,
-            PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V);
-
-        final String description;
-        final Option[] options;
-        Command(String d, Option... o) {
-            description = d;
-            options = o;
-        }
-        @Override
-        public String toString() {
-            return "-" + name().toLowerCase(Locale.ENGLISH);
-        }
-    };
-
-    enum Option {
-        ALIAS("alias", "<alias>", "alias.name.of.the.entry.to.process"),
-        DESTALIAS("destalias", "<destalias>", "destination.alias"),
-        DESTKEYPASS("destkeypass", "<arg>", "destination.key.password"),
-        DESTKEYSTORE("destkeystore", "<destkeystore>", "destination.keystore.name"),
-        DESTPROTECTED("destprotected", null, "destination.keystore.password.protected"),
-        DESTPROVIDERNAME("destprovidername", "<destprovidername>", "destination.keystore.provider.name"),
-        DESTSTOREPASS("deststorepass", "<arg>", "destination.keystore.password"),
-        DESTSTORETYPE("deststoretype", "<deststoretype>", "destination.keystore.type"),
-        DNAME("dname", "<dname>", "distinguished.name"),
-        EXT("ext", "<value>", "X.509.extension"),
-        FILEOUT("file", "<filename>", "output.file.name"),
-        FILEIN("file", "<filename>", "input.file.name"),
-        ID("id", "<id:reason>", "Serial.ID.of.cert.to.revoke"),
-        INFILE("infile", "<filename>", "input.file.name"),
-        KEYALG("keyalg", "<keyalg>", "key.algorithm.name"),
-        KEYPASS("keypass", "<arg>", "key.password"),
-        KEYSIZE("keysize", "<keysize>", "key.bit.size"),
-        KEYSTORE("keystore", "<keystore>", "keystore.name"),
-        NEW("new", "<arg>", "new.password"),
-        NOPROMPT("noprompt", null, "do.not.prompt"),
-        OUTFILE("outfile", "<filename>", "output.file.name"),
-        PROTECTED("protected", null, "password.through.protected.mechanism"),
-        PROVIDERARG("providerarg", "<arg>", "provider.argument"),
-        PROVIDERCLASS("providerclass", "<providerclass>", "provider.class.name"),
-        PROVIDERNAME("providername", "<providername>", "provider.name"),
-        PROVIDERPATH("providerpath", "<pathlist>", "provider.classpath"),
-        RFC("rfc", null, "output.in.RFC.style"),
-        SIGALG("sigalg", "<sigalg>", "signature.algorithm.name"),
-        SRCALIAS("srcalias", "<srcalias>", "source.alias"),
-        SRCKEYPASS("srckeypass", "<arg>", "source.key.password"),
-        SRCKEYSTORE("srckeystore", "<srckeystore>", "source.keystore.name"),
-        SRCPROTECTED("srcprotected", null, "source.keystore.password.protected"),
-        SRCPROVIDERNAME("srcprovidername", "<srcprovidername>", "source.keystore.provider.name"),
-        SRCSTOREPASS("srcstorepass", "<arg>", "source.keystore.password"),
-        SRCSTORETYPE("srcstoretype", "<srcstoretype>", "source.keystore.type"),
-        SSLSERVER("sslserver", "<server[:port]>", "SSL.server.host.and.port"),
-        JARFILE("jarfile", "<filename>", "signed.jar.file"),
-        STARTDATE("startdate", "<startdate>", "certificate.validity.start.date.time"),
-        STOREPASS("storepass", "<arg>", "keystore.password"),
-        STORETYPE("storetype", "<storetype>", "keystore.type"),
-        TRUSTCACERTS("trustcacerts", null, "trust.certificates.from.cacerts"),
-        V("v", null, "verbose.output"),
-        VALIDITY("validity", "<valDays>", "validity.number.of.days");
-
-        final String name, arg, description;
-        Option(String name, String arg, String description) {
-            this.name = name;
-            this.arg = arg;
-            this.description = description;
-        }
-        @Override
-        public String toString() {
-            return "-" + name;
-        }
-    };
-
-    private static final Class[] PARAM_STRING = { String.class };
-
-    private static final String JKS = "jks";
-    private static final String NONE = "NONE";
-    private static final String P11KEYSTORE = "PKCS11";
-    private static final String P12KEYSTORE = "PKCS12";
-    private final String keyAlias = "mykey";
-
-    // for i18n
-    private static final java.util.ResourceBundle rb =
-        java.util.ResourceBundle.getBundle("sun.security.util.Resources");
-    private static final Collator collator = Collator.getInstance();
-    static {
-        // this is for case insensitive string comparisons
-        collator.setStrength(Collator.PRIMARY);
-    };
-
-    private KeyTool() { }
-
-    public static void main(String[] args) throws Exception {
-        KeyTool kt = new KeyTool();
-        kt.run(args, System.out);
-    }
-
-    private void run(String[] args, PrintStream out) throws Exception {
-        try {
-            parseArgs(args);
-            if (command != null) {
-                doCommands(out);
-            }
-        } catch (Exception e) {
-            System.out.println(rb.getString("keytool.error.") + e);
-            if (verbose) {
-                e.printStackTrace(System.out);
-            }
-            if (!debug) {
-                System.exit(1);
-            } else {
-                throw e;
-            }
-        } finally {
-            for (char[] pass : passwords) {
-                if (pass != null) {
-                    Arrays.fill(pass, ' ');
-                    pass = null;
-                }
-            }
-
-            if (ksStream != null) {
-                ksStream.close();
-            }
-        }
-    }
-
-    /**
-     * Parse command line arguments.
-     */
-    void parseArgs(String[] args) {
-
-        int i=0;
-        boolean help = args.length == 0;
-
-        for (i=0; (i < args.length) && args[i].startsWith("-"); i++) {
-
-            String flags = args[i];
-
-            // Check if the last option needs an arg
-            if (i == args.length - 1) {
-                for (Option option: Option.values()) {
-                    // Only options with an arg need to be checked
-                    if (collator.compare(flags, option.toString()) == 0) {
-                        if (option.arg != null) errorNeedArgument(flags);
-                        break;
-                    }
-                }
-            }
-
-            /*
-             * Check modifiers
-             */
-            String modifier = null;
-            int pos = flags.indexOf(':');
-            if (pos > 0) {
-                modifier = flags.substring(pos+1);
-                flags = flags.substring(0, pos);
-            }
-            /*
-             * command modes
-             */
-            boolean isCommand = false;
-            for (Command c: Command.values()) {
-                if (collator.compare(flags, c.toString()) == 0) {
-                    command = c;
-                    isCommand = true;
-                    break;
-                }
-            }
-
-            if (isCommand) {
-                // already recognized as a command
-            } else if (collator.compare(flags, "-export") == 0) {
-                command = EXPORTCERT;
-            } else if (collator.compare(flags, "-genkey") == 0) {
-                command = GENKEYPAIR;
-            } else if (collator.compare(flags, "-import") == 0) {
-                command = IMPORTCERT;
-            }
-            /*
-             * Help
-             */
-            else if (collator.compare(flags, "-help") == 0) {
-                help = true;
-            }
-
-            /*
-             * specifiers
-             */
-            else if (collator.compare(flags, "-keystore") == 0 ||
-                    collator.compare(flags, "-destkeystore") == 0) {
-                ksfname = args[++i];
-            } else if (collator.compare(flags, "-storepass") == 0 ||
-                    collator.compare(flags, "-deststorepass") == 0) {
-                storePass = getPass(modifier, args[++i]);
-                passwords.add(storePass);
-            } else if (collator.compare(flags, "-storetype") == 0 ||
-                    collator.compare(flags, "-deststoretype") == 0) {
-                storetype = args[++i];
-            } else if (collator.compare(flags, "-srcstorepass") == 0) {
-                srcstorePass = getPass(modifier, args[++i]);
-                passwords.add(srcstorePass);
-            } else if (collator.compare(flags, "-srcstoretype") == 0) {
-                srcstoretype = args[++i];
-            } else if (collator.compare(flags, "-srckeypass") == 0) {
-                srckeyPass = getPass(modifier, args[++i]);
-                passwords.add(srckeyPass);
-            } else if (collator.compare(flags, "-srcprovidername") == 0) {
-                srcProviderName = args[++i];
-            } else if (collator.compare(flags, "-providername") == 0 ||
-                    collator.compare(flags, "-destprovidername") == 0) {
-                providerName = args[++i];
-            } else if (collator.compare(flags, "-providerpath") == 0) {
-                pathlist = args[++i];
-            } else if (collator.compare(flags, "-keypass") == 0) {
-                keyPass = getPass(modifier, args[++i]);
-                passwords.add(keyPass);
-            } else if (collator.compare(flags, "-new") == 0) {
-                newPass = getPass(modifier, args[++i]);
-                passwords.add(newPass);
-            } else if (collator.compare(flags, "-destkeypass") == 0) {
-                destKeyPass = getPass(modifier, args[++i]);
-                passwords.add(destKeyPass);
-            } else if (collator.compare(flags, "-alias") == 0 ||
-                    collator.compare(flags, "-srcalias") == 0) {
-                alias = args[++i];
-            } else if (collator.compare(flags, "-dest") == 0 ||
-                    collator.compare(flags, "-destalias") == 0) {
-                dest = args[++i];
-            } else if (collator.compare(flags, "-dname") == 0) {
-                dname = args[++i];
-            } else if (collator.compare(flags, "-keysize") == 0) {
-                keysize = Integer.parseInt(args[++i]);
-            } else if (collator.compare(flags, "-keyalg") == 0) {
-                keyAlgName = args[++i];
-            } else if (collator.compare(flags, "-sigalg") == 0) {
-                sigAlgName = args[++i];
-            } else if (collator.compare(flags, "-startdate") == 0) {
-                startDate = args[++i];
-            } else if (collator.compare(flags, "-validity") == 0) {
-                validity = Long.parseLong(args[++i]);
-            } else if (collator.compare(flags, "-ext") == 0) {
-                v3ext.add(args[++i]);
-            } else if (collator.compare(flags, "-id") == 0) {
-                ids.add(args[++i]);
-            } else if (collator.compare(flags, "-file") == 0) {
-                filename = args[++i];
-            } else if (collator.compare(flags, "-infile") == 0) {
-                infilename = args[++i];
-            } else if (collator.compare(flags, "-outfile") == 0) {
-                outfilename = args[++i];
-            } else if (collator.compare(flags, "-sslserver") == 0) {
-                sslserver = args[++i];
-            } else if (collator.compare(flags, "-jarfile") == 0) {
-                jarfile = args[++i];
-            } else if (collator.compare(flags, "-srckeystore") == 0) {
-                srcksfname = args[++i];
-            } else if ((collator.compare(flags, "-provider") == 0) ||
-                        (collator.compare(flags, "-providerclass") == 0)) {
-                if (providers == null) {
-                    providers = new HashSet<Pair <String, String>> (3);
-                }
-                String providerClass = args[++i];
-                String providerArg = null;
-
-                if (args.length > (i+1)) {
-                    flags = args[i+1];
-                    if (collator.compare(flags, "-providerarg") == 0) {
-                        if (args.length == (i+2)) errorNeedArgument(flags);
-                        providerArg = args[i+2];
-                        i += 2;
-                    }
-                }
-                providers.add(
-                        Pair.of(providerClass, providerArg));
-            }
-
-            /*
-             * options
-             */
-            else if (collator.compare(flags, "-v") == 0) {
-                verbose = true;
-            } else if (collator.compare(flags, "-debug") == 0) {
-                debug = true;
-            } else if (collator.compare(flags, "-rfc") == 0) {
-                rfc = true;
-            } else if (collator.compare(flags, "-noprompt") == 0) {
-                noprompt = true;
-            } else if (collator.compare(flags, "-trustcacerts") == 0) {
-                trustcacerts = true;
-            } else if (collator.compare(flags, "-protected") == 0 ||
-                    collator.compare(flags, "-destprotected") == 0) {
-                protectedPath = true;
-            } else if (collator.compare(flags, "-srcprotected") == 0) {
-                srcprotectedPath = true;
-            } else  {
-                System.err.println(rb.getString("Illegal.option.") + flags);
-                tinyHelp();
-            }
-        }
-
-        if (i<args.length) {
-            System.err.println(rb.getString("Illegal.option.") + args[i]);
-            tinyHelp();
-        }
-
-        if (command == null) {
-            if (help) {
-                usage();
-            } else {
-                System.err.println(rb.getString("Usage.error.no.command.provided"));
-                tinyHelp();
-            }
-        } else if (help) {
-            usage();
-            command = null;
-        }
-    }
-
-    boolean isKeyStoreRelated(Command cmd) {
-        return cmd != PRINTCERT && cmd != PRINTCERTREQ;
-    }
-
-    /**
-     * Execute the commands.
-     */
-    void doCommands(PrintStream out) throws Exception {
-
-        if (storetype == null) {
-            storetype = KeyStore.getDefaultType();
-        }
-        storetype = KeyStoreUtil.niceStoreTypeName(storetype);
-
-        if (srcstoretype == null) {
-            srcstoretype = KeyStore.getDefaultType();
-        }
-        srcstoretype = KeyStoreUtil.niceStoreTypeName(srcstoretype);
-
-        if (P11KEYSTORE.equalsIgnoreCase(storetype) ||
-                KeyStoreUtil.isWindowsKeyStore(storetype)) {
-            token = true;
-            if (ksfname == null) {
-                ksfname = NONE;
-            }
-        }
-        if (NONE.equals(ksfname)) {
-            nullStream = true;
-        }
-
-        if (token && !nullStream) {
-            System.err.println(MessageFormat.format(rb.getString
-                (".keystore.must.be.NONE.if.storetype.is.{0}"), storetype));
-            System.err.println();
-            tinyHelp();
-        }
-
-        if (token &&
-            (command == KEYPASSWD || command == STOREPASSWD)) {
-            throw new UnsupportedOperationException(MessageFormat.format(rb.getString
-                        (".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}"), storetype));
-        }
-
-        if (P12KEYSTORE.equalsIgnoreCase(storetype) && command == KEYPASSWD) {
-            throw new UnsupportedOperationException(rb.getString
-                        (".keypasswd.commands.not.supported.if.storetype.is.PKCS12"));
-        }
-
-        if (token && (keyPass != null || newPass != null || destKeyPass != null)) {
-            throw new IllegalArgumentException(MessageFormat.format(rb.getString
-                (".keypass.and.new.can.not.be.specified.if.storetype.is.{0}"), storetype));
-        }
-
-        if (protectedPath) {
-            if (storePass != null || keyPass != null ||
-                    newPass != null || destKeyPass != null) {
-                throw new IllegalArgumentException(rb.getString
-                        ("if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified"));
-            }
-        }
-
-        if (srcprotectedPath) {
-            if (srcstorePass != null || srckeyPass != null) {
-                throw new IllegalArgumentException(rb.getString
-                        ("if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified"));
-            }
-        }
-
-        if (KeyStoreUtil.isWindowsKeyStore(storetype)) {
-            if (storePass != null || keyPass != null ||
-                    newPass != null || destKeyPass != null) {
-                throw new IllegalArgumentException(rb.getString
-                        ("if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified"));
-            }
-        }
-
-        if (KeyStoreUtil.isWindowsKeyStore(srcstoretype)) {
-            if (srcstorePass != null || srckeyPass != null) {
-                throw new IllegalArgumentException(rb.getString
-                        ("if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified"));
-            }
-        }
-
-        if (validity <= (long)0) {
-            throw new Exception
-                (rb.getString("Validity.must.be.greater.than.zero"));
-        }
-
-        // Try to load and install specified provider
-        if (providers != null) {
-            ClassLoader cl = null;
-            if (pathlist != null) {
-                String path = null;
-                path = PathList.appendPath(
-                        path, System.getProperty("java.class.path"));
-                path = PathList.appendPath(
-                        path, System.getProperty("env.class.path"));
-                path = PathList.appendPath(path, pathlist);
-
-                URL[] urls = PathList.pathToURLs(path);
-                cl = new URLClassLoader(urls);
-            } else {
-                cl = ClassLoader.getSystemClassLoader();
-            }
-
-            for (Pair <String, String> provider: providers) {
-                String provName = provider.fst;
-                Class<?> provClass;
-                if (cl != null) {
-                    provClass = cl.loadClass(provName);
-                } else {
-                    provClass = Class.forName(provName);
-                }
-
-                String provArg = provider.snd;
-                Object obj;
-                if (provArg == null) {
-                    obj = provClass.newInstance();
-                } else {
-                    Constructor<?> c = provClass.getConstructor(PARAM_STRING);
-                    obj = c.newInstance(provArg);
-                }
-                if (!(obj instanceof Provider)) {
-                    MessageFormat form = new MessageFormat
-                        (rb.getString("provName.not.a.provider"));
-                    Object[] source = {provName};
-                    throw new Exception(form.format(source));
-                }
-                Security.addProvider((Provider)obj);
-            }
-        }
-
-        if (command == LIST && verbose && rfc) {
-            System.err.println(rb.getString
-                ("Must.not.specify.both.v.and.rfc.with.list.command"));
-            tinyHelp();
-        }
-
-        // Make sure provided passwords are at least 6 characters long
-        if (command == GENKEYPAIR && keyPass!=null && keyPass.length < 6) {
-            throw new Exception(rb.getString
-                ("Key.password.must.be.at.least.6.characters"));
-        }
-        if (newPass != null && newPass.length < 6) {
-            throw new Exception(rb.getString
-                ("New.password.must.be.at.least.6.characters"));
-        }
-        if (destKeyPass != null && destKeyPass.length < 6) {
-            throw new Exception(rb.getString
-                ("New.password.must.be.at.least.6.characters"));
-        }
-
-        // Check if keystore exists.
-        // If no keystore has been specified at the command line, try to use
-        // the default, which is located in $HOME/.keystore.
-        // If the command is "genkey", "identitydb", "import", or "printcert",
-        // it is OK not to have a keystore.
-        if (isKeyStoreRelated(command)) {
-            if (ksfname == null) {
-                ksfname = System.getProperty("user.home") + File.separator
-                    + ".keystore";
-            }
-
-            if (!nullStream) {
-                try {
-                    ksfile = new File(ksfname);
-                    // Check if keystore file is empty
-                    if (ksfile.exists() && ksfile.length() == 0) {
-                        throw new Exception(rb.getString
-                        ("Keystore.file.exists.but.is.empty.") + ksfname);
-                    }
-                    ksStream = new FileInputStream(ksfile);
-                } catch (FileNotFoundException e) {
-                    if (command != GENKEYPAIR &&
-                        command != GENSECKEY &&
-                        command != IDENTITYDB &&
-                        command != IMPORTCERT &&
-                        command != IMPORTKEYSTORE &&
-                        command != PRINTCRL) {
-                        throw new Exception(rb.getString
-                                ("Keystore.file.does.not.exist.") + ksfname);
-                    }
-                }
-            }
-        }
-
-        if ((command == KEYCLONE || command == CHANGEALIAS)
-                && dest == null) {
-            dest = getAlias("destination");
-            if ("".equals(dest)) {
-                throw new Exception(rb.getString
-                        ("Must.specify.destination.alias"));
-            }
-        }
-
-        if (command == DELETE && alias == null) {
-            alias = getAlias(null);
-            if ("".equals(alias)) {
-                throw new Exception(rb.getString("Must.specify.alias"));
-            }
-        }
-
-        // Create new keystore
-        if (providerName == null) {
-            keyStore = KeyStore.getInstance(storetype);
-        } else {
-            keyStore = KeyStore.getInstance(storetype, providerName);
-        }
-
-        /*
-         * Load the keystore data.
-         *
-         * At this point, it's OK if no keystore password has been provided.
-         * We want to make sure that we can load the keystore data, i.e.,
-         * the keystore data has the right format. If we cannot load the
-         * keystore, why bother asking the user for his or her password?
-         * Only if we were able to load the keystore, and no keystore
-         * password has been provided, will we prompt the user for the
-         * keystore password to verify the keystore integrity.
-         * This means that the keystore is loaded twice: first load operation
-         * checks the keystore format, second load operation verifies the
-         * keystore integrity.
-         *
-         * If the keystore password has already been provided (at the
-         * command line), however, the keystore is loaded only once, and the
-         * keystore format and integrity are checked "at the same time".
-         *
-         * Null stream keystores are loaded later.
-         */
-        if (!nullStream) {
-            keyStore.load(ksStream, storePass);
-            if (ksStream != null) {
-                ksStream.close();
-            }
-        }
-
-        // All commands that create or modify the keystore require a keystore
-        // password.
-
-        if (nullStream && storePass != null) {
-            keyStore.load(null, storePass);
-        } else if (!nullStream && storePass != null) {
-            // If we are creating a new non nullStream-based keystore,
-            // insist that the password be at least 6 characters
-            if (ksStream == null && storePass.length < 6) {
-                throw new Exception(rb.getString
-                        ("Keystore.password.must.be.at.least.6.characters"));
-            }
-        } else if (storePass == null) {
-
-            // only prompt if (protectedPath == false)
-
-            if (!protectedPath && !KeyStoreUtil.isWindowsKeyStore(storetype) &&
-                (command == CERTREQ ||
-                        command == DELETE ||
-                        command == GENKEYPAIR ||
-                        command == GENSECKEY ||
-                        command == IMPORTCERT ||
-                        command == IMPORTKEYSTORE ||
-                        command == KEYCLONE ||
-                        command == CHANGEALIAS ||
-                        command == SELFCERT ||
-                        command == STOREPASSWD ||
-                        command == KEYPASSWD ||
-                        command == IDENTITYDB)) {
-                int count = 0;
-                do {
-                    if (command == IMPORTKEYSTORE) {
-                        System.err.print
-                                (rb.getString("Enter.destination.keystore.password."));
-                    } else {
-                        System.err.print
-                                (rb.getString("Enter.keystore.password."));
-                    }
-                    System.err.flush();
-                    storePass = Password.readPassword(System.in);
-                    passwords.add(storePass);
-
-                    // If we are creating a new non nullStream-based keystore,
-                    // insist that the password be at least 6 characters
-                    if (!nullStream && (storePass == null || storePass.length < 6)) {
-                        System.err.println(rb.getString
-                                ("Keystore.password.is.too.short.must.be.at.least.6.characters"));
-                        storePass = null;
-                    }
-
-                    // If the keystore file does not exist and needs to be
-                    // created, the storepass should be prompted twice.
-                    if (storePass != null && !nullStream && ksStream == null) {
-                        System.err.print(rb.getString("Re.enter.new.password."));
-                        char[] storePassAgain = Password.readPassword(System.in);
-                        passwords.add(storePassAgain);
-                        if (!Arrays.equals(storePass, storePassAgain)) {
-                            System.err.println
-                                (rb.getString("They.don.t.match.Try.again"));
-                            storePass = null;
-                        }
-                    }
-
-                    count++;
-                } while ((storePass == null) && count < 3);
-
-
-                if (storePass == null) {
-                    System.err.println
-                        (rb.getString("Too.many.failures.try.later"));
-                    return;
-                }
-            } else if (!protectedPath
-                    && !KeyStoreUtil.isWindowsKeyStore(storetype)
-                    && isKeyStoreRelated(command)) {
-                // here we have EXPORTCERT and LIST (info valid until STOREPASSWD)
-                if (command != PRINTCRL) {
-                    System.err.print(rb.getString("Enter.keystore.password."));
-                    System.err.flush();
-                    storePass = Password.readPassword(System.in);
-                    passwords.add(storePass);
-                }
-            }
-
-            // Now load a nullStream-based keystore,
-            // or verify the integrity of an input stream-based keystore
-            if (nullStream) {
-                keyStore.load(null, storePass);
-            } else if (ksStream != null) {
-                ksStream = new FileInputStream(ksfile);
-                keyStore.load(ksStream, storePass);
-                ksStream.close();
-            }
-        }
-
-        if (storePass != null && P12KEYSTORE.equalsIgnoreCase(storetype)) {
-            MessageFormat form = new MessageFormat(rb.getString(
-                "Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value."));
-            if (keyPass != null && !Arrays.equals(storePass, keyPass)) {
-                Object[] source = {"-keypass"};
-                System.err.println(form.format(source));
-                keyPass = storePass;
-            }
-            if (newPass != null && !Arrays.equals(storePass, newPass)) {
-                Object[] source = {"-new"};
-                System.err.println(form.format(source));
-                newPass = storePass;
-            }
-            if (destKeyPass != null && !Arrays.equals(storePass, destKeyPass)) {
-                Object[] source = {"-destkeypass"};
-                System.err.println(form.format(source));
-                destKeyPass = storePass;
-            }
-        }
-
-        // Create a certificate factory
-        if (command == PRINTCERT || command == IMPORTCERT
-                || command == IDENTITYDB || command == PRINTCRL) {
-            cf = CertificateFactory.getInstance("X509");
-        }
-
-        if (trustcacerts) {
-            caks = getCacertsKeyStore();
-        }
-
-        // Perform the specified command
-        if (command == CERTREQ) {
-            if (filename != null) {
-                try (PrintStream ps = new PrintStream(new FileOutputStream
-                                                      (filename))) {
-                    doCertReq(alias, sigAlgName, ps);
-                }
-            } else {
-                doCertReq(alias, sigAlgName, out);
-            }
-            if (verbose && filename != null) {
-                MessageFormat form = new MessageFormat(rb.getString
-                        ("Certification.request.stored.in.file.filename."));
-                Object[] source = {filename};
-                System.err.println(form.format(source));
-                System.err.println(rb.getString("Submit.this.to.your.CA"));
-            }
-        } else if (command == DELETE) {
-            doDeleteEntry(alias);
-            kssave = true;
-        } else if (command == EXPORTCERT) {
-            if (filename != null) {
-                try (PrintStream ps = new PrintStream(new FileOutputStream
-                                                   (filename))) {
-                    doExportCert(alias, ps);
-                }
-            } else {
-                doExportCert(alias, out);
-            }
-            if (filename != null) {
-                MessageFormat form = new MessageFormat(rb.getString
-                        ("Certificate.stored.in.file.filename."));
-                Object[] source = {filename};
-                System.err.println(form.format(source));
-            }
-        } else if (command == GENKEYPAIR) {
-            if (keyAlgName == null) {
-                keyAlgName = "DSA";
-            }
-            doGenKeyPair(alias, dname, keyAlgName, keysize, sigAlgName);
-            kssave = true;
-        } else if (command == GENSECKEY) {
-            if (keyAlgName == null) {
-                keyAlgName = "DES";
-            }
-            doGenSecretKey(alias, keyAlgName, keysize);
-            kssave = true;
-        } else if (command == IDENTITYDB) {
-            if (filename != null) {
-                try (InputStream inStream = new FileInputStream(filename)) {
-                    doImportIdentityDatabase(inStream);
-                }
-            } else {
-                doImportIdentityDatabase(System.in);
-            }
-        } else if (command == IMPORTCERT) {
-            InputStream inStream = System.in;
-            if (filename != null) {
-                inStream = new FileInputStream(filename);
-            }
-            String importAlias = (alias!=null)?alias:keyAlias;
-            try {
-                if (keyStore.entryInstanceOf(
-                        importAlias, KeyStore.PrivateKeyEntry.class)) {
-                    kssave = installReply(importAlias, inStream);
-                    if (kssave) {
-                        System.err.println(rb.getString
-                            ("Certificate.reply.was.installed.in.keystore"));
-                    } else {
-                        System.err.println(rb.getString
-                            ("Certificate.reply.was.not.installed.in.keystore"));
-                    }
-                } else if (!keyStore.containsAlias(importAlias) ||
-                        keyStore.entryInstanceOf(importAlias,
-                            KeyStore.TrustedCertificateEntry.class)) {
-                    kssave = addTrustedCert(importAlias, inStream);
-                    if (kssave) {
-                        System.err.println(rb.getString
-                            ("Certificate.was.added.to.keystore"));
-                    } else {
-                        System.err.println(rb.getString
-                            ("Certificate.was.not.added.to.keystore"));
-                    }
-                }
-            } finally {
-                if (inStream != System.in) {
-                    inStream.close();
-                }
-            }
-        } else if (command == IMPORTKEYSTORE) {
-            doImportKeyStore();
-            kssave = true;
-        } else if (command == KEYCLONE) {
-            keyPassNew = newPass;
-
-            // added to make sure only key can go thru
-            if (alias == null) {
-                alias = keyAlias;
-            }
-            if (keyStore.containsAlias(alias) == false) {
-                MessageFormat form = new MessageFormat
-                    (rb.getString("Alias.alias.does.not.exist"));
-                Object[] source = {alias};
-                throw new Exception(form.format(source));
-            }
-            if (!keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
-                MessageFormat form = new MessageFormat(rb.getString(
-                        "Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key"));
-                Object[] source = {alias};
-                throw new Exception(form.format(source));
-            }
-
-            doCloneEntry(alias, dest, true);  // Now everything can be cloned
-            kssave = true;
-        } else if (command == CHANGEALIAS) {
-            if (alias == null) {
-                alias = keyAlias;
-            }
-            doCloneEntry(alias, dest, false);
-            // in PKCS11, clone a PrivateKeyEntry will delete the old one
-            if (keyStore.containsAlias(alias)) {
-                doDeleteEntry(alias);
-            }
-            kssave = true;
-        } else if (command == KEYPASSWD) {
-            keyPassNew = newPass;
-            doChangeKeyPasswd(alias);
-            kssave = true;
-        } else if (command == LIST) {
-            if (alias != null) {
-                doPrintEntry(alias, out, true);
-            } else {
-                doPrintEntries(out);
-            }
-        } else if (command == PRINTCERT) {
-            doPrintCert(out);
-        } else if (command == SELFCERT) {
-            doSelfCert(alias, dname, sigAlgName);
-            kssave = true;
-        } else if (command == STOREPASSWD) {
-            storePassNew = newPass;
-            if (storePassNew == null) {
-                storePassNew = getNewPasswd("keystore password", storePass);
-            }
-            kssave = true;
-        } else if (command == GENCERT) {
-            if (alias == null) {
-                alias = keyAlias;
-            }
-            InputStream inStream = System.in;
-            if (infilename != null) {
-                inStream = new FileInputStream(infilename);
-            }
-            PrintStream ps = null;
-            if (outfilename != null) {
-                ps = new PrintStream(new FileOutputStream(outfilename));
-                out = ps;
-            }
-            try {
-                doGenCert(alias, sigAlgName, inStream, out);
-            } finally {
-                if (inStream != System.in) {
-                    inStream.close();
-                }
-                if (ps != null) {
-                    ps.close();
-                }
-            }
-        } else if (command == GENCRL) {
-            if (alias == null) {
-                alias = keyAlias;
-            }
-            if (filename != null) {
-                try (PrintStream ps =
-                         new PrintStream(new FileOutputStream(filename))) {
-                    doGenCRL(ps);
-                }
-            } else {
-                doGenCRL(out);
-            }
-        } else if (command == PRINTCERTREQ) {
-            if (filename != null) {
-                try (InputStream inStream = new FileInputStream(filename)) {
-                    doPrintCertReq(inStream, out);
-                }
-            } else {
-                doPrintCertReq(System.in, out);
-            }
-        } else if (command == PRINTCRL) {
-            doPrintCRL(filename, out);
-        }
-
-        // If we need to save the keystore, do so.
-        if (kssave) {
-            if (verbose) {
-                MessageFormat form = new MessageFormat
-                        (rb.getString(".Storing.ksfname."));
-                Object[] source = {nullStream ? "keystore" : ksfname};
-                System.err.println(form.format(source));
-            }
-
-            if (token) {
-                keyStore.store(null, null);
-            } else {
-                char[] pass = (storePassNew!=null) ? storePassNew : storePass;
-                if (nullStream) {
-                    keyStore.store(null, pass);
-                } else {
-                    ByteArrayOutputStream bout = new ByteArrayOutputStream();
-                    keyStore.store(bout, pass);
-                    try (FileOutputStream fout = new FileOutputStream(ksfname)) {
-                        fout.write(bout.toByteArray());
-                    }
-                }
-            }
-        }
-    }
-
-    /**
-     * Generate a certificate: Read PKCS10 request from in, and print
-     * certificate to out. Use alias as CA, sigAlgName as the signature
-     * type.
-     */
-    private void doGenCert(String alias, String sigAlgName, InputStream in, PrintStream out)
-            throws Exception {
-
-
-        Certificate signerCert = keyStore.getCertificate(alias);
-        byte[] encoded = signerCert.getEncoded();
-        X509CertImpl signerCertImpl = new X509CertImpl(encoded);
-        X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
-                X509CertImpl.NAME + "." + X509CertImpl.INFO);
-        X500Name issuer = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." +
-                                           CertificateSubjectName.DN_NAME);
-
-        Date firstDate = getStartDate(startDate);
-        Date lastDate = new Date();
-        lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L);
-        CertificateValidity interval = new CertificateValidity(firstDate,
-                                                               lastDate);
-
-        PrivateKey privateKey =
-                (PrivateKey)recoverKey(alias, storePass, keyPass).fst;
-        if (sigAlgName == null) {
-            sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm());
-        }
-        Signature signature = Signature.getInstance(sigAlgName);
-        signature.initSign(privateKey);
-
-        X509CertInfo info = new X509CertInfo();
-        info.set(X509CertInfo.VALIDITY, interval);
-        info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(
-                    new java.util.Random().nextInt() & 0x7fffffff));
-        info.set(X509CertInfo.VERSION,
-                    new CertificateVersion(CertificateVersion.V3));
-        info.set(X509CertInfo.ALGORITHM_ID,
-                    new CertificateAlgorithmId(
-                        AlgorithmId.get(sigAlgName)));
-        info.set(X509CertInfo.ISSUER, new CertificateIssuerName(issuer));
-
-        BufferedReader reader = new BufferedReader(new InputStreamReader(in));
-        boolean canRead = false;
-        StringBuffer sb = new StringBuffer();
-        while (true) {
-            String s = reader.readLine();
-            if (s == null) break;
-            // OpenSSL does not use NEW
-            //if (s.startsWith("-----BEGIN NEW CERTIFICATE REQUEST-----")) {
-            if (s.startsWith("-----BEGIN") && s.indexOf("REQUEST") >= 0) {
-                canRead = true;
-            //} else if (s.startsWith("-----END NEW CERTIFICATE REQUEST-----")) {
-            } else if (s.startsWith("-----END") && s.indexOf("REQUEST") >= 0) {
-                break;
-            } else if (canRead) {
-                sb.append(s);
-            }
-        }
-        byte[] rawReq = new BASE64Decoder().decodeBuffer(new String(sb));
-        PKCS10 req = new PKCS10(rawReq);
-
-        info.set(X509CertInfo.KEY, new CertificateX509Key(req.getSubjectPublicKeyInfo()));
-        info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(
-                dname==null?req.getSubjectName():new X500Name(dname)));
-        CertificateExtensions reqex = null;
-        Iterator<PKCS10Attribute> attrs = req.getAttributes().getAttributes().iterator();
-        while (attrs.hasNext()) {
-            PKCS10Attribute attr = attrs.next();
-            if (attr.getAttributeId().equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) {
-                reqex = (CertificateExtensions)attr.getAttributeValue();
-            }
-        }
-        CertificateExtensions ext = createV3Extensions(
-                reqex,
-                null,
-                v3ext,
-                req.getSubjectPublicKeyInfo(),
-                signerCert.getPublicKey());
-        info.set(X509CertInfo.EXTENSIONS, ext);
-        X509CertImpl cert = new X509CertImpl(info);
-        cert.sign(privateKey, sigAlgName);
-        dumpCert(cert, out);
-        for (Certificate ca: keyStore.getCertificateChain(alias)) {
-            if (ca instanceof X509Certificate) {
-                X509Certificate xca = (X509Certificate)ca;
-                if (!isSelfSigned(xca)) {
-                    dumpCert(xca, out);
-                }
-            }
-        }
-    }
-
-    private void doGenCRL(PrintStream out)
-            throws Exception {
-        if (ids == null) {
-            throw new Exception("Must provide -id when -gencrl");
-        }
-        Certificate signerCert = keyStore.getCertificate(alias);
-        byte[] encoded = signerCert.getEncoded();
-        X509CertImpl signerCertImpl = new X509CertImpl(encoded);
-        X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
-                X509CertImpl.NAME + "." + X509CertImpl.INFO);
-        X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." +
-                                           CertificateSubjectName.DN_NAME);
-
-        Date firstDate = getStartDate(startDate);
-        Date lastDate = (Date) firstDate.clone();
-        lastDate.setTime(lastDate.getTime() + validity*1000*24*60*60);
-        CertificateValidity interval = new CertificateValidity(firstDate,
-                                                               lastDate);
-
-
-        PrivateKey privateKey =
-                (PrivateKey)recoverKey(alias, storePass, keyPass).fst;
-        if (sigAlgName == null) {
-            sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm());
-        }
-
-        X509CRLEntry[] badCerts = new X509CRLEntry[ids.size()];
-        for (int i=0; i<ids.size(); i++) {
-            String id = ids.get(i);
-            int d = id.indexOf(':');
-            if (d >= 0) {
-                CRLExtensions ext = new CRLExtensions();
-                ext.set("Reason", new CRLReasonCodeExtension(Integer.parseInt(id.substring(d+1))));
-                badCerts[i] = new X509CRLEntryImpl(new BigInteger(id.substring(0, d)),
-                        firstDate, ext);
-            } else {
-                badCerts[i] = new X509CRLEntryImpl(new BigInteger(ids.get(i)), firstDate);
-            }
-        }
-        X509CRLImpl crl = new X509CRLImpl(owner, firstDate, lastDate, badCerts);
-        crl.sign(privateKey, sigAlgName);
-        if (rfc) {
-            out.println("-----BEGIN X509 CRL-----");
-            new BASE64Encoder().encodeBuffer(crl.getEncodedInternal(), out);
-            out.println("-----END X509 CRL-----");
-        } else {
-            out.write(crl.getEncodedInternal());
-        }
-    }
-
-    /**
-     * Creates a PKCS#10 cert signing request, corresponding to the
-     * keys (and name) associated with a given alias.
-     */
-    private void doCertReq(String alias, String sigAlgName, PrintStream out)
-        throws Exception
-    {
-        if (alias == null) {
-            alias = keyAlias;
-        }
-
-        Pair<Key,char[]> objs = recoverKey(alias, storePass, keyPass);
-        PrivateKey privKey = (PrivateKey)objs.fst;
-        if (keyPass == null) {
-            keyPass = objs.snd;
-        }
-
-        Certificate cert = keyStore.getCertificate(alias);
-        if (cert == null) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("alias.has.no.public.key.certificate."));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-        PKCS10 request = new PKCS10(cert.getPublicKey());
-        CertificateExtensions ext = createV3Extensions(null, null, v3ext, cert.getPublicKey(), null);
-        // Attribute name is not significant
-        request.getAttributes().setAttribute(X509CertInfo.EXTENSIONS,
-                new PKCS10Attribute(PKCS9Attribute.EXTENSION_REQUEST_OID, ext));
-
-        // Construct a Signature object, so that we can sign the request
-        if (sigAlgName == null) {
-            sigAlgName = getCompatibleSigAlgName(privKey.getAlgorithm());
-        }
-
-        Signature signature = Signature.getInstance(sigAlgName);
-        signature.initSign(privKey);
-        X500Name subject = dname == null?
-                new X500Name(((X509Certificate)cert).getSubjectDN().toString()):
-                new X500Name(dname);
-
-        // Sign the request and base-64 encode it
-        request.encodeAndSign(subject, signature);
-        request.print(out);
-    }
-
-    /**
-     * Deletes an entry from the keystore.
-     */
-    private void doDeleteEntry(String alias) throws Exception {
-        if (keyStore.containsAlias(alias) == false) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("Alias.alias.does.not.exist"));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-        keyStore.deleteEntry(alias);
-    }
-
-    /**
-     * Exports a certificate from the keystore.
-     */
-    private void doExportCert(String alias, PrintStream out)
-        throws Exception
-    {
-        if (storePass == null
-                && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
-            printWarning();
-        }
-        if (alias == null) {
-            alias = keyAlias;
-        }
-        if (keyStore.containsAlias(alias) == false) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("Alias.alias.does.not.exist"));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-
-        X509Certificate cert = (X509Certificate)keyStore.getCertificate(alias);
-        if (cert == null) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("Alias.alias.has.no.certificate"));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-        dumpCert(cert, out);
-    }
-
-    /**
-     * Prompt the user for a keypass when generating a key entry.
-     * @param alias the entry we will set password for
-     * @param orig the original entry of doing a dup, null if generate new
-     * @param origPass the password to copy from if user press ENTER
-     */
-    private char[] promptForKeyPass(String alias, String orig, char[] origPass) throws Exception{
-        if (P12KEYSTORE.equalsIgnoreCase(storetype)) {
-            return origPass;
-        } else if (!token && !protectedPath) {
-            // Prompt for key password
-            int count;
-            for (count = 0; count < 3; count++) {
-                MessageFormat form = new MessageFormat(rb.getString
-                        ("Enter.key.password.for.alias."));
-                Object[] source = {alias};
-                System.err.println(form.format(source));
-                if (orig == null) {
-                    System.err.print(rb.getString
-                            (".RETURN.if.same.as.keystore.password."));
-                } else {
-                    form = new MessageFormat(rb.getString
-                            (".RETURN.if.same.as.for.otherAlias."));
-                    Object[] src = {orig};
-                    System.err.print(form.format(src));
-                }
-                System.err.flush();
-                char[] entered = Password.readPassword(System.in);
-                passwords.add(entered);
-                if (entered == null) {
-                    return origPass;
-                } else if (entered.length >= 6) {
-                    System.err.print(rb.getString("Re.enter.new.password."));
-                    char[] passAgain = Password.readPassword(System.in);
-                    passwords.add(passAgain);
-                    if (!Arrays.equals(entered, passAgain)) {
-                        System.err.println
-                            (rb.getString("They.don.t.match.Try.again"));
-                        continue;
-                    }
-                    return entered;
-                } else {
-                    System.err.println(rb.getString
-                        ("Key.password.is.too.short.must.be.at.least.6.characters"));
-                }
-            }
-            if (count == 3) {
-                if (command == KEYCLONE) {
-                    throw new Exception(rb.getString
-                        ("Too.many.failures.Key.entry.not.cloned"));
-                } else {
-                    throw new Exception(rb.getString
-                            ("Too.many.failures.key.not.added.to.keystore"));
-                }
-            }
-        }
-        return null;    // PKCS11, MSCAPI, or -protected
-    }
-    /**
-     * Creates a new secret key.
-     */
-    private void doGenSecretKey(String alias, String keyAlgName,
-                              int keysize)
-        throws Exception
-    {
-        if (alias == null) {
-            alias = keyAlias;
-        }
-        if (keyStore.containsAlias(alias)) {
-            MessageFormat form = new MessageFormat(rb.getString
-                ("Secret.key.not.generated.alias.alias.already.exists"));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-
-        SecretKey secKey = null;
-        KeyGenerator keygen = KeyGenerator.getInstance(keyAlgName);
-        if (keysize != -1) {
-            keygen.init(keysize);
-        } else if ("DES".equalsIgnoreCase(keyAlgName)) {
-            keygen.init(56);
-        } else if ("DESede".equalsIgnoreCase(keyAlgName)) {
-            keygen.init(168);
-        } else {
-            throw new Exception(rb.getString
-                ("Please.provide.keysize.for.secret.key.generation"));
-        }
-
-        secKey = keygen.generateKey();
-        if (keyPass == null) {
-            keyPass = promptForKeyPass(alias, null, storePass);
-        }
-        keyStore.setKeyEntry(alias, secKey, keyPass, null);
-    }
-
-    /**
-     * If no signature algorithm was specified at the command line,
-     * we choose one that is compatible with the selected private key
-     */
-    private static String getCompatibleSigAlgName(String keyAlgName)
-            throws Exception {
-        if ("DSA".equalsIgnoreCase(keyAlgName)) {
-            return "SHA1WithDSA";
-        } else if ("RSA".equalsIgnoreCase(keyAlgName)) {
-            return "SHA256WithRSA";
-        } else if ("EC".equalsIgnoreCase(keyAlgName)) {
-            return "SHA256withECDSA";
-        } else {
-            throw new Exception(rb.getString
-                    ("Cannot.derive.signature.algorithm"));
-        }
-    }
-    /**
-     * Creates a new key pair and self-signed certificate.
-     */
-    private void doGenKeyPair(String alias, String dname, String keyAlgName,
-                              int keysize, String sigAlgName)
-        throws Exception
-    {
-        if (keysize == -1) {
-            if ("EC".equalsIgnoreCase(keyAlgName)) {
-                keysize = 256;
-            } else if ("RSA".equalsIgnoreCase(keyAlgName)) {
-                keysize = 2048;
-            } else {
-                keysize = 1024;
-            }
-        }
-
-        if (alias == null) {
-            alias = keyAlias;
-        }
-
-        if (keyStore.containsAlias(alias)) {
-            MessageFormat form = new MessageFormat(rb.getString
-                ("Key.pair.not.generated.alias.alias.already.exists"));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-
-        if (sigAlgName == null) {
-            sigAlgName = getCompatibleSigAlgName(keyAlgName);
-        }
-        CertAndKeyGen keypair =
-                new CertAndKeyGen(keyAlgName, sigAlgName, providerName);
-
-
-        // If DN is provided, parse it. Otherwise, prompt the user for it.
-        X500Name x500Name;
-        if (dname == null) {
-            x500Name = getX500Name();
-        } else {
-            x500Name = new X500Name(dname);
-        }
-
-        keypair.generate(keysize);
-        PrivateKey privKey = keypair.getPrivateKey();
-
-        CertificateExtensions ext = createV3Extensions(
-                null,
-                null,
-                v3ext,
-                keypair.getPublicKeyAnyway(),
-                null);
-
-        X509Certificate[] chain = new X509Certificate[1];
-        chain[0] = keypair.getSelfCertificate(
-                x500Name, getStartDate(startDate), validity*24L*60L*60L, ext);
-
-        if (verbose) {
-            MessageFormat form = new MessageFormat(rb.getString
-                ("Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for"));
-            Object[] source = {new Integer(keysize),
-                                privKey.getAlgorithm(),
-                                chain[0].getSigAlgName(),
-                                new Long(validity),
-                                x500Name};
-            System.err.println(form.format(source));
-        }
-
-        if (keyPass == null) {
-            keyPass = promptForKeyPass(alias, null, storePass);
-        }
-        keyStore.setKeyEntry(alias, privKey, keyPass, chain);
-    }
-
-    /**
-     * Clones an entry
-     * @param orig original alias
-     * @param dest destination alias
-     * @changePassword if the password can be changed
-     */
-    private void doCloneEntry(String orig, String dest, boolean changePassword)
-        throws Exception
-    {
-        if (orig == null) {
-            orig = keyAlias;
-        }
-
-        if (keyStore.containsAlias(dest)) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("Destination.alias.dest.already.exists"));
-            Object[] source = {dest};
-            throw new Exception(form.format(source));
-        }
-
-        Pair<Entry,char[]> objs = recoverEntry(keyStore, orig, storePass, keyPass);
-        Entry entry = objs.fst;
-        keyPass = objs.snd;
-
-        PasswordProtection pp = null;
-
-        if (keyPass != null) {  // protected
-            if (!changePassword || P12KEYSTORE.equalsIgnoreCase(storetype)) {
-                keyPassNew = keyPass;
-            } else {
-                if (keyPassNew == null) {
-                    keyPassNew = promptForKeyPass(dest, orig, keyPass);
-                }
-            }
-            pp = new PasswordProtection(keyPassNew);
-        }
-        keyStore.setEntry(dest, entry, pp);
-    }
-
-    /**
-     * Changes a key password.
-     */
-    private void doChangeKeyPasswd(String alias) throws Exception
-    {
-
-        if (alias == null) {
-            alias = keyAlias;
-        }
-        Pair<Key,char[]> objs = recoverKey(alias, storePass, keyPass);
-        Key privKey = objs.fst;
-        if (keyPass == null) {
-            keyPass = objs.snd;
-        }
-
-        if (keyPassNew == null) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("key.password.for.alias."));
-            Object[] source = {alias};
-            keyPassNew = getNewPasswd(form.format(source), keyPass);
-        }
-        keyStore.setKeyEntry(alias, privKey, keyPassNew,
-                             keyStore.getCertificateChain(alias));
-    }
-
-    /**
-     * Imports a JDK 1.1-style identity database. We can only store one
-     * certificate per identity, because we use the identity's name as the
-     * alias (which references a keystore entry), and aliases must be unique.
-     */
-    private void doImportIdentityDatabase(InputStream in)
-        throws Exception
-    {
-        System.err.println(rb.getString
-            ("No.entries.from.identity.database.added"));
-    }
-
-    /**
-     * Prints a single keystore entry.
-     */
-    private void doPrintEntry(String alias, PrintStream out,
-                              boolean printWarning)
-        throws Exception
-    {
-        if (storePass == null && printWarning
-                && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
-            printWarning();
-        }
-
-        if (keyStore.containsAlias(alias) == false) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("Alias.alias.does.not.exist"));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-
-        if (verbose || rfc || debug) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("Alias.name.alias"));
-            Object[] source = {alias};
-            out.println(form.format(source));
-
-            if (!token) {
-                form = new MessageFormat(rb.getString
-                    ("Creation.date.keyStore.getCreationDate.alias."));
-                Object[] src = {keyStore.getCreationDate(alias)};
-                out.println(form.format(src));
-            }
-        } else {
-            if (!token) {
-                MessageFormat form = new MessageFormat
-                    (rb.getString("alias.keyStore.getCreationDate.alias."));
-                Object[] source = {alias, keyStore.getCreationDate(alias)};
-                out.print(form.format(source));
-            } else {
-                MessageFormat form = new MessageFormat
-                    (rb.getString("alias."));
-                Object[] source = {alias};
-                out.print(form.format(source));
-            }
-        }
-
-        if (keyStore.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class)) {
-            if (verbose || rfc || debug) {
-                Object[] source = {"SecretKeyEntry"};
-                out.println(new MessageFormat(
-                        rb.getString("Entry.type.type.")).format(source));
-            } else {
-                out.println("SecretKeyEntry, ");
-            }
-        } else if (keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
-            if (verbose || rfc || debug) {
-                Object[] source = {"PrivateKeyEntry"};
-                out.println(new MessageFormat(
-                        rb.getString("Entry.type.type.")).format(source));
-            } else {
-                out.println("PrivateKeyEntry, ");
-            }
-
-            // Get the chain
-            Certificate[] chain = keyStore.getCertificateChain(alias);
-            if (chain != null) {
-                if (verbose || rfc || debug) {
-                    out.println(rb.getString
-                        ("Certificate.chain.length.") + chain.length);
-                    for (int i = 0; i < chain.length; i ++) {
-                        MessageFormat form = new MessageFormat
-                                (rb.getString("Certificate.i.1."));
-                        Object[] source = {new Integer((i + 1))};
-                        out.println(form.format(source));
-                        if (verbose && (chain[i] instanceof X509Certificate)) {
-                            printX509Cert((X509Certificate)(chain[i]), out);
-                        } else if (debug) {
-                            out.println(chain[i].toString());
-                        } else {
-                            dumpCert(chain[i], out);
-                        }
-                    }
-                } else {
-                    // Print the digest of the user cert only
-                    out.println
-                        (rb.getString("Certificate.fingerprint.SHA1.") +
-                        getCertFingerPrint("SHA1", chain[0]));
-                }
-            }
-        } else if (keyStore.entryInstanceOf(alias,
-                KeyStore.TrustedCertificateEntry.class)) {
-            // We have a trusted certificate entry
-            Certificate cert = keyStore.getCertificate(alias);
-            Object[] source = {"trustedCertEntry"};
-            String mf = new MessageFormat(
-                    rb.getString("Entry.type.type.")).format(source) + "\n";
-            if (verbose && (cert instanceof X509Certificate)) {
-                out.println(mf);
-                printX509Cert((X509Certificate)cert, out);
-            } else if (rfc) {
-                out.println(mf);
-                dumpCert(cert, out);
-            } else if (debug) {
-                out.println(cert.toString());
-            } else {
-                out.println("trustedCertEntry, ");
-                out.println(rb.getString("Certificate.fingerprint.SHA1.")
-                            + getCertFingerPrint("SHA1", cert));
-            }
-        } else {
-            out.println(rb.getString("Unknown.Entry.Type"));
-        }
-    }
-
-    /**
-     * Load the srckeystore from a stream, used in -importkeystore
-     * @returns the src KeyStore
-     */
-    KeyStore loadSourceKeyStore() throws Exception {
-        boolean isPkcs11 = false;
-
-        InputStream is = null;
-
-        if (P11KEYSTORE.equalsIgnoreCase(srcstoretype) ||
-                KeyStoreUtil.isWindowsKeyStore(srcstoretype)) {
-            if (!NONE.equals(srcksfname)) {
-                System.err.println(MessageFormat.format(rb.getString
-                    (".keystore.must.be.NONE.if.storetype.is.{0}"), srcstoretype));
-                System.err.println();
-                tinyHelp();
-            }
-            isPkcs11 = true;
-        } else {
-            if (srcksfname != null) {
-                File srcksfile = new File(srcksfname);
-                    if (srcksfile.exists() && srcksfile.length() == 0) {
-                        throw new Exception(rb.getString
-                                ("Source.keystore.file.exists.but.is.empty.") +
-                                srcksfname);
-                }
-                is = new FileInputStream(srcksfile);
-            } else {
-                throw new Exception(rb.getString
-                        ("Please.specify.srckeystore"));
-            }
-        }
-
-        KeyStore store;
-        try {
-            if (srcProviderName == null) {
-                store = KeyStore.getInstance(srcstoretype);
-            } else {
-                store = KeyStore.getInstance(srcstoretype, srcProviderName);
-            }
-
-            if (srcstorePass == null
-                    && !srcprotectedPath
-                    && !KeyStoreUtil.isWindowsKeyStore(srcstoretype)) {
-                System.err.print(rb.getString("Enter.source.keystore.password."));
-                System.err.flush();
-                srcstorePass = Password.readPassword(System.in);
-                passwords.add(srcstorePass);
-            }
-
-            // always let keypass be storepass when using pkcs12
-            if (P12KEYSTORE.equalsIgnoreCase(srcstoretype)) {
-                if (srckeyPass != null && srcstorePass != null &&
-                        !Arrays.equals(srcstorePass, srckeyPass)) {
-                    MessageFormat form = new MessageFormat(rb.getString(
-                        "Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value."));
-                    Object[] source = {"-srckeypass"};
-                    System.err.println(form.format(source));
-                    srckeyPass = srcstorePass;
-                }
-            }
-
-            store.load(is, srcstorePass);   // "is" already null in PKCS11
-        } finally {
-            if (is != null) {
-                is.close();
-            }
-        }
-
-        if (srcstorePass == null
-                && !KeyStoreUtil.isWindowsKeyStore(srcstoretype)) {
-            // anti refactoring, copied from printWarning(),
-            // but change 2 lines
-            System.err.println();
-            System.err.println(rb.getString
-                (".WARNING.WARNING.WARNING."));
-            System.err.println(rb.getString
-                (".The.integrity.of.the.information.stored.in.the.srckeystore."));
-            System.err.println(rb.getString
-                (".WARNING.WARNING.WARNING."));
-            System.err.println();
-        }
-
-        return store;
-    }
-
-    /**
-     * import all keys and certs from importkeystore.
-     * keep alias unchanged if no name conflict, otherwise, prompt.
-     * keep keypass unchanged for keys
-     */
-    private void doImportKeyStore() throws Exception {
-
-        if (alias != null) {
-            doImportKeyStoreSingle(loadSourceKeyStore(), alias);
-        } else {
-            if (dest != null || srckeyPass != null || destKeyPass != null) {
-                throw new Exception(rb.getString(
-                        "if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified"));
-            }
-            doImportKeyStoreAll(loadSourceKeyStore());
-        }
-        /*
-         * Information display rule of -importkeystore
-         * 1. inside single, shows failure
-         * 2. inside all, shows sucess
-         * 3. inside all where there is a failure, prompt for continue
-         * 4. at the final of all, shows summary
-         */
-    }
-
-    /**
-     * Import a single entry named alias from srckeystore
-     * @returns 1 if the import action succeed
-     *          0 if user choose to ignore an alias-dumplicated entry
-     *          2 if setEntry throws Exception
-     */
-    private int doImportKeyStoreSingle(KeyStore srckeystore, String alias)
-            throws Exception {
-
-        String newAlias = (dest==null) ? alias : dest;
-
-        if (keyStore.containsAlias(newAlias)) {
-            Object[] source = {alias};
-            if (noprompt) {
-                System.err.println(new MessageFormat(rb.getString(
-                        "Warning.Overwriting.existing.alias.alias.in.destination.keystore")).format(source));
-            } else {
-                String reply = getYesNoReply(new MessageFormat(rb.getString(
-                        "Existing.entry.alias.alias.exists.overwrite.no.")).format(source));
-                if ("NO".equals(reply)) {
-                    newAlias = inputStringFromStdin(rb.getString
-                            ("Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry."));
-                    if ("".equals(newAlias)) {
-                        System.err.println(new MessageFormat(rb.getString(
-                                "Entry.for.alias.alias.not.imported.")).format(
-                                source));
-                        return 0;
-                    }
-                }
-            }
-        }
-
-        Pair<Entry,char[]> objs = recoverEntry(srckeystore, alias, srcstorePass, srckeyPass);
-        Entry entry = objs.fst;
-
-        PasswordProtection pp = null;
-
-        // According to keytool.html, "The destination entry will be protected
-        // using destkeypass. If destkeypass is not provided, the destination
-        // entry will be protected with the source entry password."
-        // so always try to protect with destKeyPass.
-        if (destKeyPass != null) {
-            pp = new PasswordProtection(destKeyPass);
-        } else if (objs.snd != null) {
-            pp = new PasswordProtection(objs.snd);
-        }
-
-        try {
-            keyStore.setEntry(newAlias, entry, pp);
-            return 1;
-        } catch (KeyStoreException kse) {
-            Object[] source2 = {alias, kse.toString()};
-            MessageFormat form = new MessageFormat(rb.getString(
-                    "Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported."));
-            System.err.println(form.format(source2));
-            return 2;
-        }
-    }
-
-    private void doImportKeyStoreAll(KeyStore srckeystore) throws Exception {
-
-        int ok = 0;
-        int count = srckeystore.size();
-        for (Enumeration<String> e = srckeystore.aliases();
-                                        e.hasMoreElements(); ) {
-            String alias = e.nextElement();
-            int result = doImportKeyStoreSingle(srckeystore, alias);
-            if (result == 1) {
-                ok++;
-                Object[] source = {alias};
-                MessageFormat form = new MessageFormat(rb.getString("Entry.for.alias.alias.successfully.imported."));
-                System.err.println(form.format(source));
-            } else if (result == 2) {
-                if (!noprompt) {
-                    String reply = getYesNoReply("Do you want to quit the import process? [no]:  ");
-                    if ("YES".equals(reply)) {
-                        break;
-                    }
-                }
-            }
-        }
-        Object[] source = {ok, count-ok};
-        MessageFormat form = new MessageFormat(rb.getString(
-                "Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled"));
-        System.err.println(form.format(source));
-    }
-
-    /**
-     * Prints all keystore entries.
-     */
-    private void doPrintEntries(PrintStream out)
-        throws Exception
-    {
-        if (storePass == null
-                && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
-            printWarning();
-        } else {
-            out.println();
-        }
-
-        out.println(rb.getString("Keystore.type.") + keyStore.getType());
-        out.println(rb.getString("Keystore.provider.") +
-                keyStore.getProvider().getName());
-        out.println();
-
-        MessageFormat form;
-        form = (keyStore.size() == 1) ?
-                new MessageFormat(rb.getString
-                        ("Your.keystore.contains.keyStore.size.entry")) :
-                new MessageFormat(rb.getString
-                        ("Your.keystore.contains.keyStore.size.entries"));
-        Object[] source = {new Integer(keyStore.size())};
-        out.println(form.format(source));
-        out.println();
-
-        for (Enumeration<String> e = keyStore.aliases();
-                                        e.hasMoreElements(); ) {
-            String alias = e.nextElement();
-            doPrintEntry(alias, out, false);
-            if (verbose || rfc) {
-                out.println(rb.getString("NEWLINE"));
-                out.println(rb.getString
-                        ("STAR"));
-                out.println(rb.getString
-                        ("STARNN"));
-            }
-        }
-    }
-
-    private static <T> Iterable<T> e2i(final Enumeration<T> e) {
-        return new Iterable<T>() {
-            @Override
-            public Iterator<T> iterator() {
-                return new Iterator<T>() {
-                    @Override
-                    public boolean hasNext() {
-                        return e.hasMoreElements();
-                    }
-                    @Override
-                    public T next() {
-                        return e.nextElement();
-                    }
-                    public void remove() {
-                        throw new UnsupportedOperationException("Not supported yet.");
-                    }
-                };
-            }
-        };
-    }
-
-    /**
-     * Loads CRLs from a source. This method is also called in JarSigner.
-     * @param src the source, which means System.in if null, or a URI,
-     *        or a bare file path name
-     */
-    public static Collection<? extends CRL> loadCRLs(String src) throws Exception {
-        InputStream in = null;
-        URI uri = null;
-        if (src == null) {
-            in = System.in;
-        } else {
-            try {
-                uri = new URI(src);
-                if (uri.getScheme().equals("ldap")) {
-                    // No input stream for LDAP
-                } else {
-                    in = uri.toURL().openStream();
-                }
-            } catch (Exception e) {
-                try {
-                    in = new FileInputStream(src);
-                } catch (Exception e2) {
-                    if (uri == null || uri.getScheme() == null) {
-                        throw e2;   // More likely a bare file path
-                    } else {
-                        throw e;    // More likely a protocol or network problem
-                    }
-                }
-            }
-        }
-        if (in != null) {
-            try {
-                // Read the full stream before feeding to X509Factory,
-                // otherwise, keytool -gencrl | keytool -printcrl
-                // might not work properly, since -gencrl is slow
-                // and there's no data in the pipe at the beginning.
-                ByteArrayOutputStream bout = new ByteArrayOutputStream();
-                byte[] b = new byte[4096];
-                while (true) {
-                    int len = in.read(b);
-                    if (len < 0) break;
-                    bout.write(b, 0, len);
-                }
-                return CertificateFactory.getInstance("X509").generateCRLs(
-                        new ByteArrayInputStream(bout.toByteArray()));
-            } finally {
-                if (in != System.in) {
-                    in.close();
-                }
-            }
-        } else {    // must be LDAP, and uri is not null
-            // Lazily load LDAPCertStoreHelper if present
-            CertStoreHelper helper = CertStoreHelper.getInstance("LDAP");
-            String path = uri.getPath();
-            if (path.charAt(0) == '/') path = path.substring(1);
-            CertStore s = helper.getCertStore(uri);
-            X509CRLSelector sel =
-                    helper.wrap(new X509CRLSelector(), null, path);
-            return s.getCRLs(sel);
-        }
-    }
-
-    /**
-     * Returns CRLs described in a X509Certificate's CRLDistributionPoints
-     * Extension. Only those containing a general name of type URI are read.
-     */
-    public static List<CRL> readCRLsFromCert(X509Certificate cert)
-            throws Exception {
-        List<CRL> crls = new ArrayList<>();
-        CRLDistributionPointsExtension ext =
-                X509CertImpl.toImpl(cert).getCRLDistributionPointsExtension();
-        if (ext == null) return crls;
-        List<DistributionPoint> distPoints =
-                ext.get(CRLDistributionPointsExtension.POINTS);
-        for (DistributionPoint o: distPoints) {
-            GeneralNames names = o.getFullName();
-            if (names != null) {
-                for (GeneralName name: names.names()) {
-                    if (name.getType() == GeneralNameInterface.NAME_URI) {
-                        URIName uriName = (URIName)name.getName();
-                        for (CRL crl: KeyTool.loadCRLs(uriName.getName())) {
-                            if (crl instanceof X509CRL) {
-                                crls.add((X509CRL)crl);
-                            }
-                        }
-                        break;  // Different name should point to same CRL
-                    }
-                }
-            }
-        }
-        return crls;
-    }
-
-    private static String verifyCRL(KeyStore ks, CRL crl)
-            throws Exception {
-        X509CRLImpl xcrl = (X509CRLImpl)crl;
-        X500Principal issuer = xcrl.getIssuerX500Principal();
-        for (String s: e2i(ks.aliases())) {
-            Certificate cert = ks.getCertificate(s);
-            if (cert instanceof X509Certificate) {
-                X509Certificate xcert = (X509Certificate)cert;
-                if (xcert.getSubjectX500Principal().equals(issuer)) {
-                    try {
-                        ((X509CRLImpl)crl).verify(cert.getPublicKey());
-                        return s;
-                    } catch (Exception e) {
-                    }
-                }
-            }
-        }
-        return null;
-    }
-
-    private void doPrintCRL(String src, PrintStream out)
-            throws Exception {
-        for (CRL crl: loadCRLs(src)) {
-            printCRL(crl, out);
-            String issuer = null;
-            if (caks != null) {
-                issuer = verifyCRL(caks, crl);
-                if (issuer != null) {
-                    out.printf(rb.getString(
-                            "verified.by.s.in.s"), issuer, "cacerts");
-                    out.println();
-                }
-            }
-            if (issuer == null && keyStore != null) {
-                issuer = verifyCRL(keyStore, crl);
-                if (issuer != null) {
-                    out.printf(rb.getString(
-                            "verified.by.s.in.s"), issuer, "keystore");
-                    out.println();
-                }
-            }
-            if (issuer == null) {
-                out.println(rb.getString
-                        ("STAR"));
-                out.println(rb.getString
-                        ("warning.not.verified.make.sure.keystore.is.correct"));
-                out.println(rb.getString
-                        ("STARNN"));
-            }
-        }
-    }
-
-    private void printCRL(CRL crl, PrintStream out)
-            throws Exception {
-        if (rfc) {
-            X509CRL xcrl = (X509CRL)crl;
-            out.println("-----BEGIN X509 CRL-----");
-            new BASE64Encoder().encodeBuffer(xcrl.getEncoded(), out);
-            out.println("-----END X509 CRL-----");
-        } else {
-            out.println(crl.toString());
-        }
-    }
-
-    private void doPrintCertReq(InputStream in, PrintStream out)
-            throws Exception {
-
-        BufferedReader reader = new BufferedReader(new InputStreamReader(in));
-        StringBuffer sb = new StringBuffer();
-        boolean started = false;
-        while (true) {
-            String s = reader.readLine();
-            if (s == null) break;
-            if (!started) {
-                if (s.startsWith("-----")) {
-                    started = true;
-                }
-            } else {
-                if (s.startsWith("-----")) {
-                    break;
-                }
-                sb.append(s);
-            }
-        }
-        PKCS10 req = new PKCS10(new BASE64Decoder().decodeBuffer(new String(sb)));
-
-        PublicKey pkey = req.getSubjectPublicKeyInfo();
-        out.printf(rb.getString("PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key."),
-                req.getSubjectName(), pkey.getFormat(), pkey.getAlgorithm());
-        for (PKCS10Attribute attr: req.getAttributes().getAttributes()) {
-            ObjectIdentifier oid = attr.getAttributeId();
-            if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) {
-                CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue();
-                if (exts != null) {
-                    printExtensions(rb.getString("Extension.Request."), exts, out);
-                }
-            } else {
-                out.println(attr.getAttributeId());
-                out.println(attr.getAttributeValue());
-            }
-        }
-        if (debug) {
-            out.println(req);   // Just to see more, say, public key length...
-        }
-    }
-
-    /**
-     * Reads a certificate (or certificate chain) and prints its contents in
-     * a human readable format.
-     */
-    private void printCertFromStream(InputStream in, PrintStream out)
-        throws Exception
-    {
-        Collection<? extends Certificate> c = null;
-        try {
-            c = cf.generateCertificates(in);
-        } catch (CertificateException ce) {
-            throw new Exception(rb.getString("Failed.to.parse.input"), ce);
-        }
-        if (c.isEmpty()) {
-            throw new Exception(rb.getString("Empty.input"));
-        }
-        Certificate[] certs = c.toArray(new Certificate[c.size()]);
-        for (int i=0; i<certs.length; i++) {
-            X509Certificate x509Cert = null;
-            try {
-                x509Cert = (X509Certificate)certs[i];
-            } catch (ClassCastException cce) {
-                throw new Exception(rb.getString("Not.X.509.certificate"));
-            }
-            if (certs.length > 1) {
-                MessageFormat form = new MessageFormat
-                        (rb.getString("Certificate.i.1."));
-                Object[] source = {new Integer(i + 1)};
-                out.println(form.format(source));
-            }
-            if (rfc) dumpCert(x509Cert, out);
-            else printX509Cert(x509Cert, out);
-            if (i < (certs.length-1)) {
-                out.println();
-            }
-        }
-    }
-
-    private void doPrintCert(final PrintStream out) throws Exception {
-        if (jarfile != null) {
-            JarFile jf = new JarFile(jarfile, true);
-            Enumeration<JarEntry> entries = jf.entries();
-            Set<CodeSigner> ss = new HashSet<>();
-            byte[] buffer = new byte[8192];
-            int pos = 0;
-            while (entries.hasMoreElements()) {
-                JarEntry je = entries.nextElement();
-                try (InputStream is = jf.getInputStream(je)) {
-                    while (is.read(buffer) != -1) {
-                        // we just read. this will throw a SecurityException
-                        // if a signature/digest check fails. This also
-                        // populate the signers
-                    }
-                }
-                CodeSigner[] signers = je.getCodeSigners();
-                if (signers != null) {
-                    for (CodeSigner signer: signers) {
-                        if (!ss.contains(signer)) {
-                            ss.add(signer);
-                            out.printf(rb.getString("Signer.d."), ++pos);
-                            out.println();
-                            out.println();
-                            out.println(rb.getString("Signature."));
-                            out.println();
-                            for (Certificate cert: signer.getSignerCertPath().getCertificates()) {
-                                X509Certificate x = (X509Certificate)cert;
-                                if (rfc) {
-                                    out.println(rb.getString("Certificate.owner.") + x.getSubjectDN() + "\n");
-                                    dumpCert(x, out);
-                                } else {
-                                    printX509Cert(x, out);
-                                }
-                                out.println();
-                            }
-                            Timestamp ts = signer.getTimestamp();
-                            if (ts != null) {
-                                out.println(rb.getString("Timestamp."));
-                                out.println();
-                                for (Certificate cert: ts.getSignerCertPath().getCertificates()) {
-                                    X509Certificate x = (X509Certificate)cert;
-                                    if (rfc) {
-                                        out.println(rb.getString("Certificate.owner.") + x.getSubjectDN() + "\n");
-                                        dumpCert(x, out);
-                                    } else {
-                                        printX509Cert(x, out);
-                                    }
-                                    out.println();
-                                }
-                            }
-                        }
-                    }
-                }
-            }
-            jf.close();
-            if (ss.isEmpty()) {
-                out.println(rb.getString("Not.a.signed.jar.file"));
-            }
-        } else if (sslserver != null) {
-            // Lazily load SSLCertStoreHelper if present
-            CertStoreHelper helper = CertStoreHelper.getInstance("SSLServer");
-            CertStore cs = helper.getCertStore(new URI("https://" + sslserver));
-            Collection<? extends Certificate> chain;
-            try {
-                chain = cs.getCertificates(null);
-                if (chain.isEmpty()) {
-                    // If the certs are not retrieved, we consider it an error
-                    // even if the URL connection is successful.
-                    throw new Exception(rb.getString(
-                                        "No.certificate.from.the.SSL.server"));
-                }
-            } catch (CertStoreException cse) {
-                if (cse.getCause() instanceof IOException) {
-                    throw new Exception(rb.getString(
-                                        "No.certificate.from.the.SSL.server"),
-                                        cse.getCause());
-                } else {
-                    throw cse;
-                }
-            }
-
-            int i = 0;
-            for (Certificate cert : chain) {
-                try {
-                    if (rfc) {
-                        dumpCert(cert, out);
-                    } else {
-                        out.println("Certificate #" + i++);
-                        out.println("====================================");
-                        printX509Cert((X509Certificate)cert, out);
-                        out.println();
-                    }
-                } catch (Exception e) {
-                    if (debug) {
-                        e.printStackTrace();
-                    }
-                }
-            }
-        } else {
-            if (filename != null) {
-                try (FileInputStream inStream = new FileInputStream(filename)) {
-                    printCertFromStream(inStream, out);
-                }
-            } else {
-                printCertFromStream(System.in, out);
-            }
-        }
-    }
-    /**
-     * Creates a self-signed certificate, and stores it as a single-element
-     * certificate chain.
-     */
-    private void doSelfCert(String alias, String dname, String sigAlgName)
-        throws Exception
-    {
-        if (alias == null) {
-            alias = keyAlias;
-        }
-
-        Pair<Key,char[]> objs = recoverKey(alias, storePass, keyPass);
-        PrivateKey privKey = (PrivateKey)objs.fst;
-        if (keyPass == null)
-            keyPass = objs.snd;
-
-        // Determine the signature algorithm
-        if (sigAlgName == null) {
-            sigAlgName = getCompatibleSigAlgName(privKey.getAlgorithm());
-        }
-
-        // Get the old certificate
-        Certificate oldCert = keyStore.getCertificate(alias);
-        if (oldCert == null) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("alias.has.no.public.key"));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-        if (!(oldCert instanceof X509Certificate)) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("alias.has.no.X.509.certificate"));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-
-        // convert to X509CertImpl, so that we can modify selected fields
-        // (no public APIs available yet)
-        byte[] encoded = oldCert.getEncoded();
-        X509CertImpl certImpl = new X509CertImpl(encoded);
-        X509CertInfo certInfo = (X509CertInfo)certImpl.get(X509CertImpl.NAME
-                                                           + "." +
-                                                           X509CertImpl.INFO);
-
-        // Extend its validity
-        Date firstDate = getStartDate(startDate);
-        Date lastDate = new Date();
-        lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L);
-        CertificateValidity interval = new CertificateValidity(firstDate,
-                                                               lastDate);
-        certInfo.set(X509CertInfo.VALIDITY, interval);
-
-        // Make new serial number
-        certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(
-                    new java.util.Random().nextInt() & 0x7fffffff));
-
-        // Set owner and issuer fields
-        X500Name owner;
-        if (dname == null) {
-            // Get the owner name from the certificate
-            owner = (X500Name)certInfo.get(X509CertInfo.SUBJECT + "." +
-                                           CertificateSubjectName.DN_NAME);
-        } else {
-            // Use the owner name specified at the command line
-            owner = new X500Name(dname);
-            certInfo.set(X509CertInfo.SUBJECT + "." +
-                         CertificateSubjectName.DN_NAME, owner);
-        }
-        // Make issuer same as owner (self-signed!)
-        certInfo.set(X509CertInfo.ISSUER + "." +
-                     CertificateIssuerName.DN_NAME, owner);
-
-        // The inner and outer signature algorithms have to match.
-        // The way we achieve that is really ugly, but there seems to be no
-        // other solution: We first sign the cert, then retrieve the
-        // outer sigalg and use it to set the inner sigalg
-        X509CertImpl newCert = new X509CertImpl(certInfo);
-        newCert.sign(privKey, sigAlgName);
-        AlgorithmId sigAlgid = (AlgorithmId)newCert.get(X509CertImpl.SIG_ALG);
-        certInfo.set(CertificateAlgorithmId.NAME + "." +
-                     CertificateAlgorithmId.ALGORITHM, sigAlgid);
-
-        certInfo.set(X509CertInfo.VERSION,
-                        new CertificateVersion(CertificateVersion.V3));
-
-        CertificateExtensions ext = createV3Extensions(
-                null,
-                (CertificateExtensions)certInfo.get(X509CertInfo.EXTENSIONS),
-                v3ext,
-                oldCert.getPublicKey(),
-                null);
-        certInfo.set(X509CertInfo.EXTENSIONS, ext);
-        // Sign the new certificate
-        newCert = new X509CertImpl(certInfo);
-        newCert.sign(privKey, sigAlgName);
-
-        // Store the new certificate as a single-element certificate chain
-        keyStore.setKeyEntry(alias, privKey,
-                             (keyPass != null) ? keyPass : storePass,
-                             new Certificate[] { newCert } );
-
-        if (verbose) {
-            System.err.println(rb.getString("New.certificate.self.signed."));
-            System.err.print(newCert.toString());
-            System.err.println();
-        }
-    }
-
-    /**
-     * Processes a certificate reply from a certificate authority.
-     *
-     * <p>Builds a certificate chain on top of the certificate reply,
-     * using trusted certificates from the keystore. The chain is complete
-     * after a self-signed certificate has been encountered. The self-signed
-     * certificate is considered a root certificate authority, and is stored
-     * at the end of the chain.
-     *
-     * <p>The newly generated chain replaces the old chain associated with the
-     * key entry.
-     *
-     * @return true if the certificate reply was installed, otherwise false.
-     */
-    private boolean installReply(String alias, InputStream in)
-        throws Exception
-    {
-        if (alias == null) {
-            alias = keyAlias;
-        }
-
-        Pair<Key,char[]> objs = recoverKey(alias, storePass, keyPass);
-        PrivateKey privKey = (PrivateKey)objs.fst;
-        if (keyPass == null) {
-            keyPass = objs.snd;
-        }
-
-        Certificate userCert = keyStore.getCertificate(alias);
-        if (userCert == null) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("alias.has.no.public.key.certificate."));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-
-        // Read the certificates in the reply
-        Collection<? extends Certificate> c = cf.generateCertificates(in);
-        if (c.isEmpty()) {
-            throw new Exception(rb.getString("Reply.has.no.certificates"));
-        }
-        Certificate[] replyCerts = c.toArray(new Certificate[c.size()]);
-        Certificate[] newChain;
-        if (replyCerts.length == 1) {
-            // single-cert reply
-            newChain = establishCertChain(userCert, replyCerts[0]);
-        } else {
-            // cert-chain reply (e.g., PKCS#7)
-            newChain = validateReply(alias, userCert, replyCerts);
-        }
-
-        // Now store the newly established chain in the keystore. The new
-        // chain replaces the old one.
-        if (newChain != null) {
-            keyStore.setKeyEntry(alias, privKey,
-                                 (keyPass != null) ? keyPass : storePass,
-                                 newChain);
-            return true;
-        } else {
-            return false;
-        }
-    }
-
-    /**
-     * Imports a certificate and adds it to the list of trusted certificates.
-     *
-     * @return true if the certificate was added, otherwise false.
-     */
-    private boolean addTrustedCert(String alias, InputStream in)
-        throws Exception
-    {
-        if (alias == null) {
-            throw new Exception(rb.getString("Must.specify.alias"));
-        }
-        if (keyStore.containsAlias(alias)) {
-            MessageFormat form = new MessageFormat(rb.getString
-                ("Certificate.not.imported.alias.alias.already.exists"));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-
-        // Read the certificate
-        X509Certificate cert = null;
-        try {
-            cert = (X509Certificate)cf.generateCertificate(in);
-        } catch (ClassCastException | CertificateException ce) {
-            throw new Exception(rb.getString("Input.not.an.X.509.certificate"));
-        }
-
-        // if certificate is self-signed, make sure it verifies
-        boolean selfSigned = false;
-        if (isSelfSigned(cert)) {
-            cert.verify(cert.getPublicKey());
-            selfSigned = true;
-        }
-
-        if (noprompt) {
-            keyStore.setCertificateEntry(alias, cert);
-            return true;
-        }
-
-        // check if cert already exists in keystore
-        String reply = null;
-        String trustalias = keyStore.getCertificateAlias(cert);
-        if (trustalias != null) {
-            MessageFormat form = new MessageFormat(rb.getString
-                ("Certificate.already.exists.in.keystore.under.alias.trustalias."));
-            Object[] source = {trustalias};
-            System.err.println(form.format(source));
-            reply = getYesNoReply
-                (rb.getString("Do.you.still.want.to.add.it.no."));
-        } else if (selfSigned) {
-            if (trustcacerts && (caks != null) &&
-                    ((trustalias=caks.getCertificateAlias(cert)) != null)) {
-                MessageFormat form = new MessageFormat(rb.getString
-                        ("Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias."));
-                Object[] source = {trustalias};
-                System.err.println(form.format(source));
-                reply = getYesNoReply
-                        (rb.getString("Do.you.still.want.to.add.it.to.your.own.keystore.no."));
-            }
-            if (trustalias == null) {
-                // Print the cert and ask user if they really want to add
-                // it to their keystore
-                printX509Cert(cert, System.out);
-                reply = getYesNoReply
-                        (rb.getString("Trust.this.certificate.no."));
-            }
-        }
-        if (reply != null) {
-            if ("YES".equals(reply)) {
-                keyStore.setCertificateEntry(alias, cert);
-                return true;
-            } else {
-                return false;
-            }
-        }
-
-        // Try to establish trust chain
-        try {
-            Certificate[] chain = establishCertChain(null, cert);
-            if (chain != null) {
-                keyStore.setCertificateEntry(alias, cert);
-                return true;
-            }
-        } catch (Exception e) {
-            // Print the cert and ask user if they really want to add it to
-            // their keystore
-            printX509Cert(cert, System.out);
-            reply = getYesNoReply
-                (rb.getString("Trust.this.certificate.no."));
-            if ("YES".equals(reply)) {
-                keyStore.setCertificateEntry(alias, cert);
-                return true;
-            } else {
-                return false;
-            }
-        }
-
-        return false;
-    }
-
-    /**
-     * Prompts user for new password. New password must be different from
-     * old one.
-     *
-     * @param prompt the message that gets prompted on the screen
-     * @param oldPasswd the current (i.e., old) password
-     */
-    private char[] getNewPasswd(String prompt, char[] oldPasswd)
-        throws Exception
-    {
-        char[] entered = null;
-        char[] reentered = null;
-
-        for (int count = 0; count < 3; count++) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("New.prompt."));
-            Object[] source = {prompt};
-            System.err.print(form.format(source));
-            entered = Password.readPassword(System.in);
-            passwords.add(entered);
-            if (entered == null || entered.length < 6) {
-                System.err.println(rb.getString
-                    ("Password.is.too.short.must.be.at.least.6.characters"));
-            } else if (Arrays.equals(entered, oldPasswd)) {
-                System.err.println(rb.getString("Passwords.must.differ"));
-            } else {
-                form = new MessageFormat
-                        (rb.getString("Re.enter.new.prompt."));
-                Object[] src = {prompt};
-                System.err.print(form.format(src));
-                reentered = Password.readPassword(System.in);
-                passwords.add(reentered);
-                if (!Arrays.equals(entered, reentered)) {
-                    System.err.println
-                        (rb.getString("They.don.t.match.Try.again"));
-                } else {
-                    Arrays.fill(reentered, ' ');
-                    return entered;
-                }
-            }
-            if (entered != null) {
-                Arrays.fill(entered, ' ');
-                entered = null;
-            }
-            if (reentered != null) {
-                Arrays.fill(reentered, ' ');
-                reentered = null;
-            }
-        }
-        throw new Exception(rb.getString("Too.many.failures.try.later"));
-    }
-
-    /**
-     * Prompts user for alias name.
-     * @param prompt the {0} of "Enter {0} alias name:  " in prompt line
-     * @returns the string entered by the user, without the \n at the end
-     */
-    private String getAlias(String prompt) throws Exception {
-        if (prompt != null) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("Enter.prompt.alias.name."));
-            Object[] source = {prompt};
-            System.err.print(form.format(source));
-        } else {
-            System.err.print(rb.getString("Enter.alias.name."));
-        }
-        return (new BufferedReader(new InputStreamReader(
-                                        System.in))).readLine();
-    }
-
-    /**
-     * Prompts user for an input string from the command line (System.in)
-     * @prompt the prompt string printed
-     * @returns the string entered by the user, without the \n at the end
-     */
-    private String inputStringFromStdin(String prompt) throws Exception {
-        System.err.print(prompt);
-        return (new BufferedReader(new InputStreamReader(
-                                        System.in))).readLine();
-    }
-
-    /**
-     * Prompts user for key password. User may select to choose the same
-     * password (<code>otherKeyPass</code>) as for <code>otherAlias</code>.
-     */
-    private char[] getKeyPasswd(String alias, String otherAlias,
-                                char[] otherKeyPass)
-        throws Exception
-    {
-        int count = 0;
-        char[] keyPass = null;
-
-        do {
-            if (otherKeyPass != null) {
-                MessageFormat form = new MessageFormat(rb.getString
-                        ("Enter.key.password.for.alias."));
-                Object[] source = {alias};
-                System.err.println(form.format(source));
-
-                form = new MessageFormat(rb.getString
-                        (".RETURN.if.same.as.for.otherAlias."));
-                Object[] src = {otherAlias};
-                System.err.print(form.format(src));
-            } else {
-                MessageFormat form = new MessageFormat(rb.getString
-                        ("Enter.key.password.for.alias."));
-                Object[] source = {alias};
-                System.err.print(form.format(source));
-            }
-            System.err.flush();
-            keyPass = Password.readPassword(System.in);
-            passwords.add(keyPass);
-            if (keyPass == null) {
-                keyPass = otherKeyPass;
-            }
-            count++;
-        } while ((keyPass == null) && count < 3);
-
-        if (keyPass == null) {
-            throw new Exception(rb.getString("Too.many.failures.try.later"));
-        }
-
-        return keyPass;
-    }
-
-    /**
-     * Prints a certificate in a human readable format.
-     */
-    private void printX509Cert(X509Certificate cert, PrintStream out)
-        throws Exception
-    {
-        /*
-        out.println("Owner: "
-                    + cert.getSubjectDN().toString()
-                    + "\n"
-                    + "Issuer: "
-                    + cert.getIssuerDN().toString()
-                    + "\n"
-                    + "Serial number: " + cert.getSerialNumber().toString(16)
-                    + "\n"
-                    + "Valid from: " + cert.getNotBefore().toString()
-                    + " until: " + cert.getNotAfter().toString()
-                    + "\n"
-                    + "Certificate fingerprints:\n"
-                    + "\t MD5:  " + getCertFingerPrint("MD5", cert)
-                    + "\n"
-                    + "\t SHA1: " + getCertFingerPrint("SHA1", cert));
-        */
-
-        MessageFormat form = new MessageFormat
-                (rb.getString(".PATTERN.printX509Cert"));
-        Object[] source = {cert.getSubjectDN().toString(),
-                        cert.getIssuerDN().toString(),
-                        cert.getSerialNumber().toString(16),
-                        cert.getNotBefore().toString(),
-                        cert.getNotAfter().toString(),
-                        getCertFingerPrint("MD5", cert),
-                        getCertFingerPrint("SHA1", cert),
-                        getCertFingerPrint("SHA-256", cert),
-                        cert.getSigAlgName(),
-                        cert.getVersion()
-                        };
-        out.println(form.format(source));
-
-        if (cert instanceof X509CertImpl) {
-            X509CertImpl impl = (X509CertImpl)cert;
-            X509CertInfo certInfo = (X509CertInfo)impl.get(X509CertImpl.NAME
-                                                           + "." +
-                                                           X509CertImpl.INFO);
-            CertificateExtensions exts = (CertificateExtensions)
-                    certInfo.get(X509CertInfo.EXTENSIONS);
-            if (exts != null) {
-                printExtensions(rb.getString("Extensions."), exts, out);
-            }
-        }
-    }
-
-    private static void printExtensions(String title, CertificateExtensions exts, PrintStream out)
-            throws Exception {
-        int extnum = 0;
-        Iterator<Extension> i1 = exts.getAllExtensions().iterator();
-        Iterator<Extension> i2 = exts.getUnparseableExtensions().values().iterator();
-        while (i1.hasNext() || i2.hasNext()) {
-            Extension ext = i1.hasNext()?i1.next():i2.next();
-            if (extnum == 0) {
-                out.println();
-                out.println(title);
-                out.println();
-            }
-            out.print("#"+(++extnum)+": "+ ext);
-            if (ext.getClass() == Extension.class) {
-                byte[] v = ext.getExtensionValue();
-                if (v.length == 0) {
-                    out.println(rb.getString(".Empty.value."));
-                } else {
-                    new sun.misc.HexDumpEncoder().encodeBuffer(ext.getExtensionValue(), out);
-                    out.println();
-                }
-            }
-            out.println();
-        }
-    }
-
-    /**
-     * Returns true if the certificate is self-signed, false otherwise.
-     */
-    private boolean isSelfSigned(X509Certificate cert) {
-        return signedBy(cert, cert);
-    }
-
-    private boolean signedBy(X509Certificate end, X509Certificate ca) {
-        if (!ca.getSubjectDN().equals(end.getIssuerDN())) {
-            return false;
-        }
-        try {
-            end.verify(ca.getPublicKey());
-            return true;
-        } catch (Exception e) {
-            return false;
-        }
-    }
-
-    /**
-     * Locates a signer for a given certificate from a given keystore and
-     * returns the signer's certificate.
-     * @param cert the certificate whose signer is searched, not null
-     * @param ks the keystore to search with, not null
-     * @return <code>cert</code> itself if it's already inside <code>ks</code>,
-     * or a certificate inside <code>ks</code> who signs <code>cert</code>,
-     * or null otherwise.
-     */
-    private static Certificate getTrustedSigner(Certificate cert, KeyStore ks)
-            throws Exception {
-        if (ks.getCertificateAlias(cert) != null) {
-            return cert;
-        }
-        for (Enumeration<String> aliases = ks.aliases();
-                aliases.hasMoreElements(); ) {
-            String name = aliases.nextElement();
-            Certificate trustedCert = ks.getCertificate(name);
-            if (trustedCert != null) {
-                try {
-                    cert.verify(trustedCert.getPublicKey());
-                    return trustedCert;
-                } catch (Exception e) {
-                    // Not verified, skip to the next one
-                }
-            }
-        }
-        return null;
-    }
-
-    /**
-     * Gets an X.500 name suitable for inclusion in a certification request.
-     */
-    private X500Name getX500Name() throws IOException {
-        BufferedReader in;
-        in = new BufferedReader(new InputStreamReader(System.in));
-        String commonName = "Unknown";
-        String organizationalUnit = "Unknown";
-        String organization = "Unknown";
-        String city = "Unknown";
-        String state = "Unknown";
-        String country = "Unknown";
-        X500Name name;
-        String userInput = null;
-
-        int maxRetry = 20;
-        do {
-            if (maxRetry-- < 0) {
-                throw new RuntimeException(rb.getString(
-                        "Too.many.retries.program.terminated"));
-            }
-            commonName = inputString(in,
-                    rb.getString("What.is.your.first.and.last.name."),
-                    commonName);
-            organizationalUnit = inputString(in,
-                    rb.getString
-                        ("What.is.the.name.of.your.organizational.unit."),
-                    organizationalUnit);
-            organization = inputString(in,
-                    rb.getString("What.is.the.name.of.your.organization."),
-                    organization);
-            city = inputString(in,
-                    rb.getString("What.is.the.name.of.your.City.or.Locality."),
-                    city);
-            state = inputString(in,
-                    rb.getString("What.is.the.name.of.your.State.or.Province."),
-                    state);
-            country = inputString(in,
-                    rb.getString
-                        ("What.is.the.two.letter.country.code.for.this.unit."),
-                    country);
-            name = new X500Name(commonName, organizationalUnit, organization,
-                                city, state, country);
-            MessageFormat form = new MessageFormat
-                (rb.getString("Is.name.correct."));
-            Object[] source = {name};
-            userInput = inputString
-                (in, form.format(source), rb.getString("no"));
-        } while (collator.compare(userInput, rb.getString("yes")) != 0 &&
-                 collator.compare(userInput, rb.getString("y")) != 0);
-
-        System.err.println();
-        return name;
-    }
-
-    private String inputString(BufferedReader in, String prompt,
-                               String defaultValue)
-        throws IOException
-    {
-        System.err.println(prompt);
-        MessageFormat form = new MessageFormat
-                (rb.getString(".defaultValue."));
-        Object[] source = {defaultValue};
-        System.err.print(form.format(source));
-        System.err.flush();
-
-        String value = in.readLine();
-        if (value == null || collator.compare(value, "") == 0) {
-            value = defaultValue;
-        }
-        return value;
-    }
-
-    /**
-     * Writes an X.509 certificate in base64 or binary encoding to an output
-     * stream.
-     */
-    private void dumpCert(Certificate cert, PrintStream out)
-        throws IOException, CertificateException
-    {
-        if (rfc) {
-            BASE64Encoder encoder = new BASE64Encoder();
-            out.println(X509Factory.BEGIN_CERT);
-            encoder.encodeBuffer(cert.getEncoded(), out);
-            out.println(X509Factory.END_CERT);
-        } else {
-            out.write(cert.getEncoded()); // binary
-        }
-    }
-
-    /**
-     * Converts a byte to hex digit and writes to the supplied buffer
-     */
-    private void byte2hex(byte b, StringBuffer buf) {
-        char[] hexChars = { '0', '1', '2', '3', '4', '5', '6', '7', '8',
-                            '9', 'A', 'B', 'C', 'D', 'E', 'F' };
-        int high = ((b & 0xf0) >> 4);
-        int low = (b & 0x0f);
-        buf.append(hexChars[high]);
-        buf.append(hexChars[low]);
-    }
-
-    /**
-     * Converts a byte array to hex string
-     */
-    private String toHexString(byte[] block) {
-        StringBuffer buf = new StringBuffer();
-        int len = block.length;
-        for (int i = 0; i < len; i++) {
-             byte2hex(block[i], buf);
-             if (i < len-1) {
-                 buf.append(":");
-             }
-        }
-        return buf.toString();
-    }
-
-    /**
-     * Recovers (private) key associated with given alias.
-     *
-     * @return an array of objects, where the 1st element in the array is the
-     * recovered private key, and the 2nd element is the password used to
-     * recover it.
-     */
-    private Pair<Key,char[]> recoverKey(String alias, char[] storePass,
-                                       char[] keyPass)
-        throws Exception
-    {
-        Key key = null;
-
-        if (keyStore.containsAlias(alias) == false) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("Alias.alias.does.not.exist"));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-        if (!keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class) &&
-                !keyStore.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class)) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("Alias.alias.has.no.key"));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-
-        if (keyPass == null) {
-            // Try to recover the key using the keystore password
-            try {
-                key = keyStore.getKey(alias, storePass);
-
-                keyPass = storePass;
-                passwords.add(keyPass);
-            } catch (UnrecoverableKeyException e) {
-                // Did not work out, so prompt user for key password
-                if (!token) {
-                    keyPass = getKeyPasswd(alias, null, null);
-                    key = keyStore.getKey(alias, keyPass);
-                } else {
-                    throw e;
-                }
-            }
-        } else {
-            key = keyStore.getKey(alias, keyPass);
-        }
-
-        return Pair.of(key, keyPass);
-    }
-
-    /**
-     * Recovers entry associated with given alias.
-     *
-     * @return an array of objects, where the 1st element in the array is the
-     * recovered entry, and the 2nd element is the password used to
-     * recover it (null if no password).
-     */
-    private Pair<Entry,char[]> recoverEntry(KeyStore ks,
-                            String alias,
-                            char[] pstore,
-                            char[] pkey) throws Exception {
-
-        if (ks.containsAlias(alias) == false) {
-            MessageFormat form = new MessageFormat
-                (rb.getString("Alias.alias.does.not.exist"));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-
-        PasswordProtection pp = null;
-        Entry entry;
-
-        try {
-            // First attempt to access entry without key password
-            // (PKCS11 entry or trusted certificate entry, for example)
-
-            entry = ks.getEntry(alias, pp);
-            pkey = null;
-        } catch (UnrecoverableEntryException une) {
-
-            if(P11KEYSTORE.equalsIgnoreCase(ks.getType()) ||
-                KeyStoreUtil.isWindowsKeyStore(ks.getType())) {
-                // should not happen, but a possibility
-                throw une;
-            }
-
-            // entry is protected
-
-            if (pkey != null) {
-
-                // try provided key password
-
-                pp = new PasswordProtection(pkey);
-                entry = ks.getEntry(alias, pp);
-
-            } else {
-
-                // try store pass
-
-                try {
-                    pp = new PasswordProtection(pstore);
-                    entry = ks.getEntry(alias, pp);
-                    pkey = pstore;
-                } catch (UnrecoverableEntryException une2) {
-                    if (P12KEYSTORE.equalsIgnoreCase(ks.getType())) {
-
-                        // P12 keystore currently does not support separate
-                        // store and entry passwords
-
-                        throw une2;
-                    } else {
-
-                        // prompt for entry password
-
-                        pkey = getKeyPasswd(alias, null, null);
-                        pp = new PasswordProtection(pkey);
-                        entry = ks.getEntry(alias, pp);
-                    }
-                }
-            }
-        }
-
-        return Pair.of(entry, pkey);
-    }
-    /**
-     * Gets the requested finger print of the certificate.
-     */
-    private String getCertFingerPrint(String mdAlg, Certificate cert)
-        throws Exception
-    {
-        byte[] encCertInfo = cert.getEncoded();
-        MessageDigest md = MessageDigest.getInstance(mdAlg);
-        byte[] digest = md.digest(encCertInfo);
-        return toHexString(digest);
-    }
-
-    /**
-     * Prints warning about missing integrity check.
-     */
-    private void printWarning() {
-        System.err.println();
-        System.err.println(rb.getString
-            (".WARNING.WARNING.WARNING."));
-        System.err.println(rb.getString
-            (".The.integrity.of.the.information.stored.in.your.keystore."));
-        System.err.println(rb.getString
-            (".WARNING.WARNING.WARNING."));
-        System.err.println();
-    }
-
-    /**
-     * Validates chain in certification reply, and returns the ordered
-     * elements of the chain (with user certificate first, and root
-     * certificate last in the array).
-     *
-     * @param alias the alias name
-     * @param userCert the user certificate of the alias
-     * @param replyCerts the chain provided in the reply
-     */
-    private Certificate[] validateReply(String alias,
-                                        Certificate userCert,
-                                        Certificate[] replyCerts)
-        throws Exception
-    {
-        // order the certs in the reply (bottom-up).
-        // we know that all certs in the reply are of type X.509, because
-        // we parsed them using an X.509 certificate factory
-        int i;
-        PublicKey userPubKey = userCert.getPublicKey();
-        for (i=0; i<replyCerts.length; i++) {
-            if (userPubKey.equals(replyCerts[i].getPublicKey())) {
-                break;
-            }
-        }
-        if (i == replyCerts.length) {
-            MessageFormat form = new MessageFormat(rb.getString
-                ("Certificate.reply.does.not.contain.public.key.for.alias."));
-            Object[] source = {alias};
-            throw new Exception(form.format(source));
-        }
-
-        Certificate tmpCert = replyCerts[0];
-        replyCerts[0] = replyCerts[i];
-        replyCerts[i] = tmpCert;
-
-        X509Certificate thisCert = (X509Certificate)replyCerts[0];
-
-        for (i=1; i < replyCerts.length-1; i++) {
-            // find a cert in the reply who signs thisCert
-            int j;
-            for (j=i; j<replyCerts.length; j++) {
-                if (signedBy(thisCert, (X509Certificate)replyCerts[j])) {
-                    tmpCert = replyCerts[i];
-                    replyCerts[i] = replyCerts[j];
-                    replyCerts[j] = tmpCert;
-                    thisCert = (X509Certificate)replyCerts[i];
-                    break;
-                }
-            }
-            if (j == replyCerts.length) {
-                throw new Exception
-                    (rb.getString("Incomplete.certificate.chain.in.reply"));
-            }
-        }
-
-        if (noprompt) {
-            return replyCerts;
-        }
-
-        // do we trust the cert at the top?
-        Certificate topCert = replyCerts[replyCerts.length-1];
-        Certificate root = getTrustedSigner(topCert, keyStore);
-        if (root == null && trustcacerts && caks != null) {
-            root = getTrustedSigner(topCert, caks);
-        }
-        if (root == null) {
-            System.err.println();
-            System.err.println
-                    (rb.getString("Top.level.certificate.in.reply."));
-            printX509Cert((X509Certificate)topCert, System.out);
-            System.err.println();
-            System.err.print(rb.getString(".is.not.trusted."));
-            String reply = getYesNoReply
-                    (rb.getString("Install.reply.anyway.no."));
-            if ("NO".equals(reply)) {
-                return null;
-            }
-        } else {
-            if (root != topCert) {
-                // append the root CA cert to the chain
-                Certificate[] tmpCerts =
-                    new Certificate[replyCerts.length+1];
-                System.arraycopy(replyCerts, 0, tmpCerts, 0,
-                                 replyCerts.length);
-                tmpCerts[tmpCerts.length-1] = root;
-                replyCerts = tmpCerts;
-            }
-        }
-
-        return replyCerts;
-    }
-
-    /**
-     * Establishes a certificate chain (using trusted certificates in the
-     * keystore), starting with the user certificate
-     * and ending at a self-signed certificate found in the keystore.
-     *
-     * @param userCert the user certificate of the alias
-     * @param certToVerify the single certificate provided in the reply
-     */
-    private Certificate[] establishCertChain(Certificate userCert,
-                                             Certificate certToVerify)
-        throws Exception
-    {
-        if (userCert != null) {
-            // Make sure that the public key of the certificate reply matches
-            // the original public key in the keystore
-            PublicKey origPubKey = userCert.getPublicKey();
-            PublicKey replyPubKey = certToVerify.getPublicKey();
-            if (!origPubKey.equals(replyPubKey)) {
-                throw new Exception(rb.getString
-                        ("Public.keys.in.reply.and.keystore.don.t.match"));
-            }
-
-            // If the two certs are identical, we're done: no need to import
-            // anything
-            if (certToVerify.equals(userCert)) {
-                throw new Exception(rb.getString
-                        ("Certificate.reply.and.certificate.in.keystore.are.identical"));
-            }
-        }
-
-        // Build a hash table of all certificates in the keystore.
-        // Use the subject distinguished name as the key into the hash table.
-        // All certificates associated with the same subject distinguished
-        // name are stored in the same hash table entry as a vector.
-        Hashtable<Principal, Vector<Certificate>> certs = null;
-        if (keyStore.size() > 0) {
-            certs = new Hashtable<Principal, Vector<Certificate>>(11);
-            keystorecerts2Hashtable(keyStore, certs);
-        }
-        if (trustcacerts) {
-            if (caks!=null && caks.size()>0) {
-                if (certs == null) {
-                    certs = new Hashtable<Principal, Vector<Certificate>>(11);
-                }
-                keystorecerts2Hashtable(caks, certs);
-            }
-        }
-
-        // start building chain
-        Vector<Certificate> chain = new Vector<>(2);
-        if (buildChain((X509Certificate)certToVerify, chain, certs)) {
-            Certificate[] newChain = new Certificate[chain.size()];
-            // buildChain() returns chain with self-signed root-cert first and
-            // user-cert last, so we need to invert the chain before we store
-            // it
-            int j=0;
-            for (int i=chain.size()-1; i>=0; i--) {
-                newChain[j] = chain.elementAt(i);
-                j++;
-            }
-            return newChain;
-        } else {
-            throw new Exception
-                (rb.getString("Failed.to.establish.chain.from.reply"));
-        }
-    }
-
-    /**
-     * Recursively tries to establish chain from pool of trusted certs.
-     *
-     * @param certToVerify the cert that needs to be verified.
-     * @param chain the chain that's being built.
-     * @param certs the pool of trusted certs
-     *
-     * @return true if successful, false otherwise.
-     */
-    private boolean buildChain(X509Certificate certToVerify,
-                        Vector<Certificate> chain,
-                        Hashtable<Principal, Vector<Certificate>> certs) {
-        Principal issuer = certToVerify.getIssuerDN();
-        if (isSelfSigned(certToVerify)) {
-            // reached self-signed root cert;
-            // no verification needed because it's trusted.
-            chain.addElement(certToVerify);
-            return true;
-        }
-
-        // Get the issuer's certificate(s)
-        Vector<Certificate> vec = certs.get(issuer);
-        if (vec == null) {
-            return false;
-        }
-
-        // Try out each certificate in the vector, until we find one
-        // whose public key verifies the signature of the certificate
-        // in question.
-        for (Enumeration<Certificate> issuerCerts = vec.elements();
-             issuerCerts.hasMoreElements(); ) {
-            X509Certificate issuerCert
-                = (X509Certificate)issuerCerts.nextElement();
-            PublicKey issuerPubKey = issuerCert.getPublicKey();
-            try {
-                certToVerify.verify(issuerPubKey);
-            } catch (Exception e) {
-                continue;
-            }
-            if (buildChain(issuerCert, chain, certs)) {
-                chain.addElement(certToVerify);
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * Prompts user for yes/no decision.
-     *
-     * @return the user's decision, can only be "YES" or "NO"
-     */
-    private String getYesNoReply(String prompt)
-        throws IOException
-    {
-        String reply = null;
-        int maxRetry = 20;
-        do {
-            if (maxRetry-- < 0) {
-                throw new RuntimeException(rb.getString(
-                        "Too.many.retries.program.terminated"));
-            }
-            System.err.print(prompt);
-            System.err.flush();
-            reply = (new BufferedReader(new InputStreamReader
-                                        (System.in))).readLine();
-            if (collator.compare(reply, "") == 0 ||
-                collator.compare(reply, rb.getString("n")) == 0 ||
-                collator.compare(reply, rb.getString("no")) == 0) {
-                reply = "NO";
-            } else if (collator.compare(reply, rb.getString("y")) == 0 ||
-                       collator.compare(reply, rb.getString("yes")) == 0) {
-                reply = "YES";
-            } else {
-                System.err.println(rb.getString("Wrong.answer.try.again"));
-                reply = null;
-            }
-        } while (reply == null);
-        return reply;
-    }
-
-    /**
-     * Returns the keystore with the configured CA certificates.
-     */
-    public static KeyStore getCacertsKeyStore()
-        throws Exception
-    {
-        String sep = File.separator;
-        File file = new File(System.getProperty("java.home") + sep
-                             + "lib" + sep + "security" + sep
-                             + "cacerts");
-        if (!file.exists()) {
-            return null;
-        }
-        KeyStore caks = null;
-        try (FileInputStream fis = new FileInputStream(file)) {
-            caks = KeyStore.getInstance(JKS);
-            caks.load(fis, null);
-        }
-        return caks;
-    }
-
-    /**
-     * Stores the (leaf) certificates of a keystore in a hashtable.
-     * All certs belonging to the same CA are stored in a vector that
-     * in turn is stored in the hashtable, keyed by the CA's subject DN
-     */
-    private void keystorecerts2Hashtable(KeyStore ks,
-                Hashtable<Principal, Vector<Certificate>> hash)
-        throws Exception {
-
-        for (Enumeration<String> aliases = ks.aliases();
-                                        aliases.hasMoreElements(); ) {
-            String alias = aliases.nextElement();
-            Certificate cert = ks.getCertificate(alias);
-            if (cert != null) {
-                Principal subjectDN = ((X509Certificate)cert).getSubjectDN();
-                Vector<Certificate> vec = hash.get(subjectDN);
-                if (vec == null) {
-                    vec = new Vector<Certificate>();
-                    vec.addElement(cert);
-                } else {
-                    if (!vec.contains(cert)) {
-                        vec.addElement(cert);
-                    }
-                }
-                hash.put(subjectDN, vec);
-            }
-        }
-    }
-
-    /**
-     * Returns the issue time that's specified the -startdate option
-     * @param s the value of -startdate option
-     */
-    private static Date getStartDate(String s) throws IOException {
-        Calendar c = new GregorianCalendar();
-        if (s != null) {
-            IOException ioe = new IOException(
-                    rb.getString("Illegal.startdate.value"));
-            int len = s.length();
-            if (len == 0) {
-                throw ioe;
-            }
-            if (s.charAt(0) == '-' || s.charAt(0) == '+') {
-                // Form 1: ([+-]nnn[ymdHMS])+
-                int start = 0;
-                while (start < len) {
-                    int sign = 0;
-                    switch (s.charAt(start)) {
-                        case '+': sign = 1; break;
-                        case '-': sign = -1; break;
-                        default: throw ioe;
-                    }
-                    int i = start+1;
-                    for (; i<len; i++) {
-                        char ch = s.charAt(i);
-                        if (ch < '0' || ch > '9') break;
-                    }
-                    if (i == start+1) throw ioe;
-                    int number = Integer.parseInt(s.substring(start+1, i));
-                    if (i >= len) throw ioe;
-                    int unit = 0;
-                    switch (s.charAt(i)) {
-                        case 'y': unit = Calendar.YEAR; break;
-                        case 'm': unit = Calendar.MONTH; break;
-                        case 'd': unit = Calendar.DATE; break;
-                        case 'H': unit = Calendar.HOUR; break;
-                        case 'M': unit = Calendar.MINUTE; break;
-                        case 'S': unit = Calendar.SECOND; break;
-                        default: throw ioe;
-                    }
-                    c.add(unit, sign * number);
-                    start = i + 1;
-                }
-            } else  {
-                // Form 2: [yyyy/mm/dd] [HH:MM:SS]
-                String date = null, time = null;
-                if (len == 19) {
-                    date = s.substring(0, 10);
-                    time = s.substring(11);
-                    if (s.charAt(10) != ' ')
-                        throw ioe;
-                } else if (len == 10) {
-                    date = s;
-                } else if (len == 8) {
-                    time = s;
-                } else {
-                    throw ioe;
-                }
-                if (date != null) {
-                    if (date.matches("\\d\\d\\d\\d\\/\\d\\d\\/\\d\\d")) {
-                        c.set(Integer.valueOf(date.substring(0, 4)),
-                                Integer.valueOf(date.substring(5, 7))-1,
-                                Integer.valueOf(date.substring(8, 10)));
-                    } else {
-                        throw ioe;
-                    }
-                }
-                if (time != null) {
-                    if (time.matches("\\d\\d:\\d\\d:\\d\\d")) {
-                        c.set(Calendar.HOUR_OF_DAY, Integer.valueOf(time.substring(0, 2)));
-                        c.set(Calendar.MINUTE, Integer.valueOf(time.substring(0, 2)));
-                        c.set(Calendar.SECOND, Integer.valueOf(time.substring(0, 2)));
-                        c.set(Calendar.MILLISECOND, 0);
-                    } else {
-                        throw ioe;
-                    }
-                }
-            }
-        }
-        return c.getTime();
-    }
-
-    /**
-     * Match a command (may be abbreviated) with a command set.
-     * @param s the command provided
-     * @param list the legal command set. If there is a null, commands after it
-     * are regarded experimental, which means they are supported but their
-     * existence should not be revealed to user.
-     * @return the position of a single match, or -1 if none matched
-     * @throws Exception if s is ambiguous
-     */
-    private static int oneOf(String s, String... list) throws Exception {
-        int[] match = new int[list.length];
-        int nmatch = 0;
-        int experiment = Integer.MAX_VALUE;
-        for (int i = 0; i<list.length; i++) {
-            String one = list[i];
-            if (one == null) {
-                experiment = i;
-                continue;
-            }
-            if (one.toLowerCase(Locale.ENGLISH)
-                    .startsWith(s.toLowerCase(Locale.ENGLISH))) {
-                match[nmatch++] = i;
-            } else {
-                StringBuffer sb = new StringBuffer();
-                boolean first = true;
-                for (char c: one.toCharArray()) {
-                    if (first) {
-                        sb.append(c);
-                        first = false;
-                    } else {
-                        if (!Character.isLowerCase(c)) {
-                            sb.append(c);
-                        }
-                    }
-                }
-                if (sb.toString().equalsIgnoreCase(s)) {
-                    match[nmatch++] = i;
-                }
-            }
-        }
-        if (nmatch == 0) {
-            return -1;
-        } else if (nmatch == 1) {
-            return match[0];
-        } else {
-            // If multiple matches is in experimental commands, ignore them
-            if (match[1] > experiment) {
-                return match[0];
-            }
-            StringBuffer sb = new StringBuffer();
-            MessageFormat form = new MessageFormat(rb.getString
-                ("command.{0}.is.ambiguous."));
-            Object[] source = {s};
-            sb.append(form.format(source));
-            sb.append("\n    ");
-            for (int i=0; i<nmatch && match[i]<experiment; i++) {
-                sb.append(' ');
-                sb.append(list[match[i]]);
-            }
-            throw new Exception(sb.toString());
-        }
-    }
-
-    /**
-     * Create a GeneralName object from known types
-     * @param t one of 5 known types
-     * @param v value
-     * @return which one
-     */
-    private GeneralName createGeneralName(String t, String v)
-            throws Exception {
-        GeneralNameInterface gn;
-        int p = oneOf(t, "EMAIL", "URI", "DNS", "IP", "OID");
-        if (p < 0) {
-            throw new Exception(rb.getString(
-                    "Unrecognized.GeneralName.type.") + t);
-        }
-        switch (p) {
-            case 0: gn = new RFC822Name(v); break;
-            case 1: gn = new URIName(v); break;
-            case 2: gn = new DNSName(v); break;
-            case 3: gn = new IPAddressName(v); break;
-            default: gn = new OIDName(v); break; //4
-        }
-        return new GeneralName(gn);
-    }
-
-    private static final String[] extSupported = {
-                        "BasicConstraints",
-                        "KeyUsage",
-                        "ExtendedKeyUsage",
-                        "SubjectAlternativeName",
-                        "IssuerAlternativeName",
-                        "SubjectInfoAccess",
-                        "AuthorityInfoAccess",
-                        null,
-                        "CRLDistributionPoints",
-    };
-
-    private ObjectIdentifier findOidForExtName(String type)
-            throws Exception {
-        switch (oneOf(type, extSupported)) {
-            case 0: return PKIXExtensions.BasicConstraints_Id;
-            case 1: return PKIXExtensions.KeyUsage_Id;
-            case 2: return PKIXExtensions.ExtendedKeyUsage_Id;
-            case 3: return PKIXExtensions.SubjectAlternativeName_Id;
-            case 4: return PKIXExtensions.IssuerAlternativeName_Id;
-            case 5: return PKIXExtensions.SubjectInfoAccess_Id;
-            case 6: return PKIXExtensions.AuthInfoAccess_Id;
-            case 8: return PKIXExtensions.CRLDistributionPoints_Id;
-            default: return new ObjectIdentifier(type);
-        }
-    }
-
-    /**
-     * Create X509v3 extensions from a string representation. Note that the
-     * SubjectKeyIdentifierExtension will always be created non-critical besides
-     * the extension requested in the <code>extstr</code> argument.
-     *
-     * @param reqex the requested extensions, can be null, used for -gencert
-     * @param ext the original extensions, can be null, used for -selfcert
-     * @param extstrs -ext values, Read keytool doc
-     * @param pkey the public key for the certificate
-     * @param akey the public key for the authority (issuer)
-     * @return the created CertificateExtensions
-     */
-    private CertificateExtensions createV3Extensions(
-            CertificateExtensions reqex,
-            CertificateExtensions ext,
-            List <String> extstrs,
-            PublicKey pkey,
-            PublicKey akey) throws Exception {
-
-        if (ext != null && reqex != null) {
-            // This should not happen
-            throw new Exception("One of request and original should be null.");
-        }
-        if (ext == null) ext = new CertificateExtensions();
-        try {
-            // name{:critical}{=value}
-            // Honoring requested extensions
-            if (reqex != null) {
-                for(String extstr: extstrs) {
-                    if (extstr.toLowerCase(Locale.ENGLISH).startsWith("honored=")) {
-                        List<String> list = Arrays.asList(
-                                extstr.toLowerCase(Locale.ENGLISH).substring(8).split(","));
-                        // First check existence of "all"
-                        if (list.contains("all")) {
-                            ext = reqex;    // we know ext was null
-                        }
-                        // one by one for others
-                        for (String item: list) {
-                            if (item.equals("all")) continue;
-
-                            // add or remove
-                            boolean add = true;
-                            // -1, unchanged, 0 crtical, 1 non-critical
-                            int action = -1;
-                            String type = null;
-                            if (item.startsWith("-")) {
-                                add = false;
-                                type = item.substring(1);
-                            } else {
-                                int colonpos = item.indexOf(':');
-                                if (colonpos >= 0) {
-                                    type = item.substring(0, colonpos);
-                                    action = oneOf(item.substring(colonpos+1),
-                                            "critical", "non-critical");
-                                    if (action == -1) {
-                                        throw new Exception(rb.getString
-                                            ("Illegal.value.") + item);
-                                    }
-                                }
-                            }
-                            String n = reqex.getNameByOid(findOidForExtName(type));
-                            if (add) {
-                                Extension e = reqex.get(n);
-                                if (!e.isCritical() && action == 0
-                                        || e.isCritical() && action == 1) {
-                                    e = Extension.newExtension(
-                                            e.getExtensionId(),
-                                            !e.isCritical(),
-                                            e.getExtensionValue());
-                                    ext.set(n, e);
-                                }
-                            } else {
-                                ext.delete(n);
-                            }
-                        }
-                        break;
-                    }
-                }
-            }
-            for(String extstr: extstrs) {
-                String name, value;
-                boolean isCritical = false;
-
-                int eqpos = extstr.indexOf('=');
-                if (eqpos >= 0) {
-                    name = extstr.substring(0, eqpos);
-                    value = extstr.substring(eqpos+1);
-                } else {
-                    name = extstr;
-                    value = null;
-                }
-
-                int colonpos = name.indexOf(':');
-                if (colonpos >= 0) {
-                    if (oneOf(name.substring(colonpos+1), "critical") == 0) {
-                        isCritical = true;
-                    }
-                    name = name.substring(0, colonpos);
-                }
-
-                if (name.equalsIgnoreCase("honored")) {
-                    continue;
-                }
-                int exttype = oneOf(name, extSupported);
-                switch (exttype) {
-                    case 0:     // BC
-                        int pathLen = -1;
-                        boolean isCA = false;
-                        if (value == null) {
-                            isCA = true;
-                        } else {
-                            try {   // the abbr format
-                                pathLen = Integer.parseInt(value);
-                                isCA = true;
-                            } catch (NumberFormatException ufe) {
-                                // ca:true,pathlen:1
-                                for (String part: value.split(",")) {
-                                    String[] nv = part.split(":");
-                                    if (nv.length != 2) {
-                                        throw new Exception(rb.getString
-                                                ("Illegal.value.") + extstr);
-                                    } else {
-                                        if (nv[0].equalsIgnoreCase("ca")) {
-                                            isCA = Boolean.parseBoolean(nv[1]);
-                                        } else if (nv[0].equalsIgnoreCase("pathlen")) {
-                                            pathLen = Integer.parseInt(nv[1]);
-                                        } else {
-                                            throw new Exception(rb.getString
-                                                ("Illegal.value.") + extstr);
-                                        }
-                                    }
-                                }
-                            }
-                        }
-                        ext.set(BasicConstraintsExtension.NAME,
-                                new BasicConstraintsExtension(isCritical, isCA,
-                                pathLen));
-                        break;
-                    case 1:     // KU
-                        if(value != null) {
-                            boolean[] ok = new boolean[9];
-                            for (String s: value.split(",")) {
-                                int p = oneOf(s,
-                                       "digitalSignature",  // (0),
-                                       "nonRepudiation",    // (1)
-                                       "keyEncipherment",   // (2),
-                                       "dataEncipherment",  // (3),
-                                       "keyAgreement",      // (4),
-                                       "keyCertSign",       // (5),
-                                       "cRLSign",           // (6),
-                                       "encipherOnly",      // (7),
-                                       "decipherOnly",      // (8)
-                                       "contentCommitment"  // also (1)
-                                       );
-                                if (p < 0) {
-                                    throw new Exception(rb.getString("Unknown.keyUsage.type.") + s);
-                                }
-                                if (p == 9) p = 1;
-                                ok[p] = true;
-                            }
-                            KeyUsageExtension kue = new KeyUsageExtension(ok);
-                            // The above KeyUsageExtension constructor does not
-                            // allow isCritical value, so...
-                            ext.set(KeyUsageExtension.NAME, Extension.newExtension(
-                                    kue.getExtensionId(),
-                                    isCritical,
-                                    kue.getExtensionValue()));
-                        } else {
-                            throw new Exception(rb.getString
-                                    ("Illegal.value.") + extstr);
-                        }
-                        break;
-                    case 2:     // EKU
-                        if(value != null) {
-                            Vector<ObjectIdentifier> v = new Vector<>();
-                            for (String s: value.split(",")) {
-                                int p = oneOf(s,
-                                        "anyExtendedKeyUsage",
-                                        "serverAuth",       //1
-                                        "clientAuth",       //2
-                                        "codeSigning",      //3
-                                        "emailProtection",  //4
-                                        "",                 //5
-                                        "",                 //6
-                                        "",                 //7
-                                        "timeStamping",     //8
-                                        "OCSPSigning"       //9
-                                       );
-                                if (p < 0) {
-                                    try {
-                                        v.add(new ObjectIdentifier(s));
-                                    } catch (Exception e) {
-                                        throw new Exception(rb.getString(
-                                                "Unknown.extendedkeyUsage.type.") + s);
-                                    }
-                                } else if (p == 0) {
-                                    v.add(new ObjectIdentifier("2.5.29.37.0"));
-                                } else {
-                                    v.add(new ObjectIdentifier("1.3.6.1.5.5.7.3." + p));
-                                }
-                            }
-                            ext.set(ExtendedKeyUsageExtension.NAME,
-                                    new ExtendedKeyUsageExtension(isCritical, v));
-                        } else {
-                            throw new Exception(rb.getString
-                                    ("Illegal.value.") + extstr);
-                        }
-                        break;
-                    case 3:     // SAN
-                    case 4:     // IAN
-                        if(value != null) {
-                            String[] ps = value.split(",");
-                            GeneralNames gnames = new GeneralNames();
-                            for(String item: ps) {
-                                colonpos = item.indexOf(':');
-                                if (colonpos < 0) {
-                                    throw new Exception("Illegal item " + item + " in " + extstr);
-                                }
-                                String t = item.substring(0, colonpos);
-                                String v = item.substring(colonpos+1);
-                                gnames.add(createGeneralName(t, v));
-                            }
-                            if (exttype == 3) {
-                                ext.set(SubjectAlternativeNameExtension.NAME,
-                                        new SubjectAlternativeNameExtension(
-                                            isCritical, gnames));
-                            } else {
-                                ext.set(IssuerAlternativeNameExtension.NAME,
-                                        new IssuerAlternativeNameExtension(
-                                            isCritical, gnames));
-                            }
-                        } else {
-                            throw new Exception(rb.getString
-                                    ("Illegal.value.") + extstr);
-                        }
-                        break;
-                    case 5:     // SIA, always non-critical
-                    case 6:     // AIA, always non-critical
-                        if (isCritical) {
-                            throw new Exception(rb.getString(
-                                    "This.extension.cannot.be.marked.as.critical.") + extstr);
-                        }
-                        if(value != null) {
-                            List<AccessDescription> accessDescriptions =
-                                    new ArrayList<>();
-                            String[] ps = value.split(",");
-                            for(String item: ps) {
-                                colonpos = item.indexOf(':');
-                                int colonpos2 = item.indexOf(':', colonpos+1);
-                                if (colonpos < 0 || colonpos2 < 0) {
-                                    throw new Exception(rb.getString
-                                            ("Illegal.value.") + extstr);
-                                }
-                                String m = item.substring(0, colonpos);
-                                String t = item.substring(colonpos+1, colonpos2);
-                                String v = item.substring(colonpos2+1);
-                                int p = oneOf(m,
-                                        "",
-                                        "ocsp",         //1
-                                        "caIssuers",    //2
-                                        "timeStamping", //3
-                                        "",
-                                        "caRepository"  //5
-                                        );
-                                ObjectIdentifier oid;
-                                if (p < 0) {
-                                    try {
-                                        oid = new ObjectIdentifier(m);
-                                    } catch (Exception e) {
-                                        throw new Exception(rb.getString(
-                                                "Unknown.AccessDescription.type.") + m);
-                                    }
-                                } else {
-                                    oid = new ObjectIdentifier("1.3.6.1.5.5.7.48." + p);
-                                }
-                                accessDescriptions.add(new AccessDescription(
-                                        oid, createGeneralName(t, v)));
-                            }
-                            if (exttype == 5) {
-                                ext.set(SubjectInfoAccessExtension.NAME,
-                                        new SubjectInfoAccessExtension(accessDescriptions));
-                            } else {
-                                ext.set(AuthorityInfoAccessExtension.NAME,
-                                        new AuthorityInfoAccessExtension(accessDescriptions));
-                            }
-                        } else {
-                            throw new Exception(rb.getString
-                                    ("Illegal.value.") + extstr);
-                        }
-                        break;
-                    case 8: // CRL, experimental, only support 1 distributionpoint
-                        if(value != null) {
-                            String[] ps = value.split(",");
-                            GeneralNames gnames = new GeneralNames();
-                            for(String item: ps) {
-                                colonpos = item.indexOf(':');
-                                if (colonpos < 0) {
-                                    throw new Exception("Illegal item " + item + " in " + extstr);
-                                }
-                                String t = item.substring(0, colonpos);
-                                String v = item.substring(colonpos+1);
-                                gnames.add(createGeneralName(t, v));
-                            }
-                            ext.set(CRLDistributionPointsExtension.NAME,
-                                    new CRLDistributionPointsExtension(
-                                        isCritical, Collections.singletonList(
-                                        new DistributionPoint(gnames, null, null))));
-                        } else {
-                            throw new Exception(rb.getString
-                                    ("Illegal.value.") + extstr);
-                        }
-                        break;
-                    case -1:
-                        ObjectIdentifier oid = new ObjectIdentifier(name);
-                        byte[] data = null;
-                        if (value != null) {
-                            data = new byte[value.length() / 2 + 1];
-                            int pos = 0;
-                            for (char c: value.toCharArray()) {
-                                int hex;
-                                if (c >= '0' && c <= '9') {
-                                    hex = c - '0' ;
-                                } else if (c >= 'A' && c <= 'F') {
-                                    hex = c - 'A' + 10;
-                                } else if (c >= 'a' && c <= 'f') {
-                                    hex = c - 'a' + 10;
-                                } else {
-                                    continue;
-                                }
-                                if (pos % 2 == 0) {
-                                    data[pos/2] = (byte)(hex << 4);
-                                } else {
-                                    data[pos/2] += hex;
-                                }
-                                pos++;
-                            }
-                            if (pos % 2 != 0) {
-                                throw new Exception(rb.getString(
-                                        "Odd.number.of.hex.digits.found.") + extstr);
-                            }
-                            data = Arrays.copyOf(data, pos/2);
-                        } else {
-                            data = new byte[0];
-                        }
-                        ext.set(oid.toString(), new Extension(oid, isCritical,
-                                new DerValue(DerValue.tag_OctetString, data)
-                                        .toByteArray()));
-                        break;
-                    default:
-                        throw new Exception(rb.getString(
-                                "Unknown.extension.type.") + extstr);
-                }
-            }
-            // always non-critical
-            ext.set(SubjectKeyIdentifierExtension.NAME,
-                    new SubjectKeyIdentifierExtension(
-                        new KeyIdentifier(pkey).getIdentifier()));
-            if (akey != null && !pkey.equals(akey)) {
-                ext.set(AuthorityKeyIdentifierExtension.NAME,
-                        new AuthorityKeyIdentifierExtension(
-                        new KeyIdentifier(akey), null, null));
-            }
-        } catch(IOException e) {
-            throw new RuntimeException(e);
-        }
-        return ext;
-    }
-
-    /**
-     * Prints the usage of this tool.
-     */
-    private void usage() {
-        if (command != null) {
-            System.err.println("keytool " + command +
-                    rb.getString(".OPTION."));
-            System.err.println();
-            System.err.println(rb.getString(command.description));
-            System.err.println();
-            System.err.println(rb.getString("Options."));
-            System.err.println();
-
-            // Left and right sides of the options list
-            String[] left = new String[command.options.length];
-            String[] right = new String[command.options.length];
-
-            // Check if there's an unknown option
-            boolean found = false;
-
-            // Length of left side of options list
-            int lenLeft = 0;
-            for (int j=0; j<left.length; j++) {
-                Option opt = command.options[j];
-                left[j] = opt.toString();
-                if (opt.arg != null) left[j] += " " + opt.arg;
-                if (left[j].length() > lenLeft) {
-                    lenLeft = left[j].length();
-                }
-                right[j] = rb.getString(opt.description);
-            }
-            for (int j=0; j<left.length; j++) {
-                System.err.printf(" %-" + lenLeft + "s  %s\n",
-                        left[j], right[j]);
-            }
-            System.err.println();
-            System.err.println(rb.getString(
-                    "Use.keytool.help.for.all.available.commands"));
-        } else {
-            System.err.println(rb.getString(
-                    "Key.and.Certificate.Management.Tool"));
-            System.err.println();
-            System.err.println(rb.getString("Commands."));
-            System.err.println();
-            for (Command c: Command.values()) {
-                if (c == KEYCLONE) break;
-                System.err.printf(" %-20s%s\n", c, rb.getString(c.description));
-            }
-            System.err.println();
-            System.err.println(rb.getString(
-                    "Use.keytool.command.name.help.for.usage.of.command.name"));
-        }
-    }
-
-    private void tinyHelp() {
-        usage();
-        if (debug) {
-            throw new RuntimeException("NO BIG ERROR, SORRY");
-        } else {
-            System.exit(1);
-        }
-    }
-
-    private void errorNeedArgument(String flag) {
-        Object[] source = {flag};
-        System.err.println(new MessageFormat(
-                rb.getString("Command.option.flag.needs.an.argument.")).format(source));
-        tinyHelp();
-    }
-
-    private char[] getPass(String modifier, String arg) {
-        char[] output = getPassWithModifier(modifier, arg);
-        if (output != null) return output;
-        tinyHelp();
-        return null;    // Useless, tinyHelp() already exits.
-    }
-
-    // This method also used by JarSigner
-    public static char[] getPassWithModifier(String modifier, String arg) {
-        if (modifier == null) {
-            return arg.toCharArray();
-        } else if (collator.compare(modifier, "env") == 0) {
-            String value = System.getenv(arg);
-            if (value == null) {
-                System.err.println(rb.getString(
-                        "Cannot.find.environment.variable.") + arg);
-                return null;
-            } else {
-                return value.toCharArray();
-            }
-        } else if (collator.compare(modifier, "file") == 0) {
-            try {
-                URL url = null;
-                try {
-                    url = new URL(arg);
-                } catch (java.net.MalformedURLException mue) {
-                    File f = new File(arg);
-                    if (f.exists()) {
-                        url = f.toURI().toURL();
-                    } else {
-                        System.err.println(rb.getString(
-                                "Cannot.find.file.") + arg);
-                        return null;
-                    }
-                }
-                BufferedReader br = new BufferedReader(new InputStreamReader(
-                            url.openStream()));
-                String value = br.readLine();
-                br.close();
-                if (value == null) {
-                    return new char[0];
-                } else {
-                    return value.toCharArray();
-                }
-            } catch (IOException ioe) {
-                System.err.println(ioe);
-                return null;
-            }
-        } else {
-            System.err.println(rb.getString("Unknown.password.type.") +
-                    modifier);
-            return null;
-        }
-    }
-}
-
-// This class is exactly the same as com.sun.tools.javac.util.Pair,
-// it's copied here since the original one is not included in JRE.
-class Pair<A, B> {
-
-    public final A fst;
-    public final B snd;
-
-    public Pair(A fst, B snd) {
-        this.fst = fst;
-        this.snd = snd;
-    }
-
-    public String toString() {
-        return "Pair[" + fst + "," + snd + "]";
-    }
-
-    public boolean equals(Object other) {
-        return
-            other instanceof Pair &&
-            Objects.equals(fst, ((Pair)other).fst) &&
-            Objects.equals(snd, ((Pair)other).snd);
-    }
-
-    public int hashCode() {
-        if (fst == null) return (snd == null) ? 0 : snd.hashCode() + 1;
-        else if (snd == null) return fst.hashCode() + 2;
-        else return fst.hashCode() * 17 + snd.hashCode();
-    }
-
-    public static <A,B> Pair<A,B> of(A a, B b) {
-        return new Pair<>(a,b);
-    }
-}
-
--- a/jdk/src/share/classes/sun/security/tools/TimestampedSigner.java	Sat Oct 13 10:15:57 2012 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,186 +0,0 @@
-/*
- * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.security.tools;
-
-import java.io.IOException;
-import java.net.URI;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-
-import com.sun.jarsigner.*;
-import sun.security.pkcs.PKCS7;
-import sun.security.util.*;
-import sun.security.x509.*;
-
-/**
- * This class implements a content signing service.
- * It generates a timestamped signature for a given content according to
- * <a href="http://www.ietf.org/rfc/rfc3161.txt">RFC 3161</a>.
- * The signature along with a trusted timestamp and the signer's certificate
- * are all packaged into a standard PKCS #7 Signed Data message.
- *
- * @author Vincent Ryan
- */
-
-public final class TimestampedSigner extends ContentSigner {
-
-    /*
-     * Object identifier for the subject information access X.509 certificate
-     * extension.
-     */
-    private static final String SUBJECT_INFO_ACCESS_OID = "1.3.6.1.5.5.7.1.11";
-
-    /*
-     * Object identifier for the timestamping access descriptors.
-     */
-    private static final ObjectIdentifier AD_TIMESTAMPING_Id;
-    static {
-        ObjectIdentifier tmp = null;
-        try {
-            tmp = new ObjectIdentifier("1.3.6.1.5.5.7.48.3");
-        } catch (IOException e) {
-            // ignore
-        }
-        AD_TIMESTAMPING_Id = tmp;
-    }
-
-    /**
-     * Instantiates a content signer that supports timestamped signatures.
-     */
-    public TimestampedSigner() {
-    }
-
-    /**
-     * Generates a PKCS #7 signed data message that includes a signature
-     * timestamp.
-     * This method is used when a signature has already been generated.
-     * The signature, a signature timestamp, the signer's certificate chain,
-     * and optionally the content that was signed, are packaged into a PKCS #7
-     * signed data message.
-     *
-     * @param params The non-null input parameters.
-     * @param omitContent true if the content should be omitted from the
-     *        signed data message. Otherwise the content is included.
-     * @param applyTimestamp true if the signature should be timestamped.
-     *        Otherwise timestamping is not performed.
-     * @return A PKCS #7 signed data message including a signature timestamp.
-     * @throws NoSuchAlgorithmException The exception is thrown if the signature
-     *         algorithm is unrecognised.
-     * @throws CertificateException The exception is thrown if an error occurs
-     *         while processing the signer's certificate or the TSA's
-     *         certificate.
-     * @throws IOException The exception is thrown if an error occurs while
-     *         generating the signature timestamp or while generating the signed
-     *         data message.
-     * @throws NullPointerException The exception is thrown if parameters is
-     *         null.
-     */
-    public byte[] generateSignedData(ContentSignerParameters params,
-        boolean omitContent, boolean applyTimestamp)
-            throws NoSuchAlgorithmException, CertificateException, IOException {
-
-        if (params == null) {
-            throw new NullPointerException();
-        }
-
-        // Parse the signature algorithm to extract the digest
-        // algorithm. The expected format is:
-        //     "<digest>with<encryption>"
-        // or  "<digest>with<encryption>and<mgf>"
-        String signatureAlgorithm = params.getSignatureAlgorithm();
-
-        X509Certificate[] signerChain = params.getSignerCertificateChain();
-        byte[] signature = params.getSignature();
-
-        // Include or exclude content
-        byte[] content = (omitContent == true) ? null : params.getContent();
-
-        URI tsaURI = null;
-        if (applyTimestamp) {
-            tsaURI = params.getTimestampingAuthority();
-            if (tsaURI == null) {
-                // Examine TSA cert
-                tsaURI = getTimestampingURI(
-                    params.getTimestampingAuthorityCertificate());
-                if (tsaURI == null) {
-                    throw new CertificateException(
-                        "Subject Information Access extension not found");
-                }
-            }
-        }
-        return PKCS7.generateSignedData(signature, signerChain, content,
-                                        params.getSignatureAlgorithm(), tsaURI);
-    }
-
-    /**
-     * Examine the certificate for a Subject Information Access extension
-     * (<a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280</a>).
-     * The extension's <tt>accessMethod</tt> field should contain the object
-     * identifier defined for timestamping: 1.3.6.1.5.5.7.48.3 and its
-     * <tt>accessLocation</tt> field should contain an HTTP or HTTPS URL.
-     *
-     * @param tsaCertificate An X.509 certificate for the TSA.
-     * @return An HTTP or HTTPS URI or null if none was found.
-     */
-    public static URI getTimestampingURI(X509Certificate tsaCertificate) {
-
-        if (tsaCertificate == null) {
-            return null;
-        }
-        // Parse the extensions
-        try {
-            byte[] extensionValue =
-                tsaCertificate.getExtensionValue(SUBJECT_INFO_ACCESS_OID);
-            if (extensionValue == null) {
-                return null;
-            }
-            DerInputStream der = new DerInputStream(extensionValue);
-            der = new DerInputStream(der.getOctetString());
-            DerValue[] derValue = der.getSequence(5);
-            AccessDescription description;
-            GeneralName location;
-            URIName uri;
-            for (int i = 0; i < derValue.length; i++) {
-                description = new AccessDescription(derValue[i]);
-                if (description.getAccessMethod()
-                        .equals((Object)AD_TIMESTAMPING_Id)) {
-                    location = description.getAccessLocation();
-                    if (location.getType() == GeneralNameInterface.NAME_URI) {
-                        uri = (URIName) location.getName();
-                        if (uri.getScheme().equalsIgnoreCase("http") ||
-                                uri.getScheme().equalsIgnoreCase("https")) {
-                            return uri.getURI();
-                        }
-                    }
-                }
-            }
-        } catch (IOException ioe) {
-            // ignore
-        }
-        return null;
-    }
-}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/jarsigner/Main.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,2469 @@
+/*
+ * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.jarsigner;
+
+import java.io.*;
+import java.util.*;
+import java.util.zip.*;
+import java.util.jar.*;
+import java.math.BigInteger;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.text.Collator;
+import java.text.MessageFormat;
+import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
+import java.security.cert.CertificateException;
+import java.security.*;
+import java.lang.reflect.Constructor;
+
+import com.sun.jarsigner.ContentSigner;
+import com.sun.jarsigner.ContentSignerParameters;
+import java.net.SocketTimeoutException;
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.security.cert.CertPath;
+import java.security.cert.CertPathValidator;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.CertificateNotYetValidException;
+import java.security.cert.PKIXParameters;
+import java.security.cert.TrustAnchor;
+import java.util.Map.Entry;
+import sun.security.tools.KeyStoreUtil;
+import sun.security.tools.PathList;
+import sun.security.x509.*;
+import sun.security.util.*;
+import sun.misc.BASE64Encoder;
+
+
+/**
+ * <p>The jarsigner utility.
+ *
+ * The exit codes for the main method are:
+ *
+ * 0: success
+ * 1: any error that the jar cannot be signed or verified, including:
+ *      keystore loading error
+ *      TSP communication error
+ *      jarsigner command line error...
+ * otherwise: error codes from -strict
+ *
+ * @author Roland Schemers
+ * @author Jan Luehe
+ */
+
+public class Main {
+
+    // for i18n
+    private static final java.util.ResourceBundle rb =
+        java.util.ResourceBundle.getBundle
+        ("sun.security.tools.jarsigner.Resources");
+    private static final Collator collator = Collator.getInstance();
+    static {
+        // this is for case insensitive string comparisions
+        collator.setStrength(Collator.PRIMARY);
+    }
+
+    private static final String META_INF = "META-INF/";
+
+    // prefix for new signature-related files in META-INF directory
+    private static final String SIG_PREFIX = META_INF + "SIG-";
+
+    private static final Class[] PARAM_STRING = { String.class };
+
+    private static final String NONE = "NONE";
+    private static final String P11KEYSTORE = "PKCS11";
+
+    private static final long SIX_MONTHS = 180*24*60*60*1000L; //milliseconds
+
+    // Attention:
+    // This is the entry that get launched by the security tool jarsigner.
+    public static void main(String args[]) throws Exception {
+        Main js = new Main();
+        js.run(args);
+    }
+
+    static final String VERSION = "1.0";
+
+    static final int IN_KEYSTORE = 0x01;        // signer is in keystore
+    static final int IN_SCOPE = 0x02;
+    static final int NOT_ALIAS = 0x04;          // alias list is NOT empty and
+                                                // signer is not in alias list
+    static final int SIGNED_BY_ALIAS = 0x08;    // signer is in alias list
+
+    X509Certificate[] certChain;    // signer's cert chain (when composing)
+    PrivateKey privateKey;          // private key
+    KeyStore store;                 // the keystore specified by -keystore
+                                    // or the default keystore, never null
+
+    String keystore; // key store file
+    boolean nullStream = false; // null keystore input stream (NONE)
+    boolean token = false; // token-based keystore
+    String jarfile;  // jar files to sign or verify
+    String alias;    // alias to sign jar with
+    List<String> ckaliases = new ArrayList<>(); // aliases in -verify
+    char[] storepass; // keystore password
+    boolean protectedPath; // protected authentication path
+    String storetype; // keystore type
+    String providerName; // provider name
+    Vector<String> providers = null; // list of providers
+    // arguments for provider constructors
+    HashMap<String,String> providerArgs = new HashMap<>();
+    char[] keypass; // private key password
+    String sigfile; // name of .SF file
+    String sigalg; // name of signature algorithm
+    String digestalg = "SHA-256"; // name of digest algorithm
+    String signedjar; // output filename
+    String tsaUrl; // location of the Timestamping Authority
+    String tsaAlias; // alias for the Timestamping Authority's certificate
+    String altCertChain; // file to read alternative cert chain from
+    boolean verify = false; // verify the jar
+    String verbose = null; // verbose output when signing/verifying
+    boolean showcerts = false; // show certs when verifying
+    boolean debug = false; // debug
+    boolean signManifest = true; // "sign" the whole manifest
+    boolean externalSF = true; // leave the .SF out of the PKCS7 block
+    boolean strict = false;  // treat warnings as error
+
+    // read zip entry raw bytes
+    private ByteArrayOutputStream baos = new ByteArrayOutputStream(2048);
+    private byte[] buffer = new byte[8192];
+    private ContentSigner signingMechanism = null;
+    private String altSignerClass = null;
+    private String altSignerClasspath = null;
+    private ZipFile zipFile = null;
+
+    private boolean hasExpiredCert = false;
+    private boolean hasExpiringCert = false;
+    private boolean notYetValidCert = false;
+    private boolean chainNotValidated = false;
+    private boolean notSignedByAlias = false;
+    private boolean aliasNotInStore = false;
+    private boolean hasUnsignedEntry = false;
+    private boolean badKeyUsage = false;
+    private boolean badExtendedKeyUsage = false;
+    private boolean badNetscapeCertType = false;
+
+    CertificateFactory certificateFactory;
+    CertPathValidator validator;
+    PKIXParameters pkixParameters;
+
+    public void run(String args[]) {
+        try {
+            parseArgs(args);
+
+            // Try to load and install the specified providers
+            if (providers != null) {
+                ClassLoader cl = ClassLoader.getSystemClassLoader();
+                Enumeration<String> e = providers.elements();
+                while (e.hasMoreElements()) {
+                    String provName = e.nextElement();
+                    Class<?> provClass;
+                    if (cl != null) {
+                        provClass = cl.loadClass(provName);
+                    } else {
+                        provClass = Class.forName(provName);
+                    }
+
+                    String provArg = providerArgs.get(provName);
+                    Object obj;
+                    if (provArg == null) {
+                        obj = provClass.newInstance();
+                    } else {
+                        Constructor<?> c =
+                                provClass.getConstructor(PARAM_STRING);
+                        obj = c.newInstance(provArg);
+                    }
+
+                    if (!(obj instanceof Provider)) {
+                        MessageFormat form = new MessageFormat(rb.getString
+                            ("provName.not.a.provider"));
+                        Object[] source = {provName};
+                        throw new Exception(form.format(source));
+                    }
+                    Security.addProvider((Provider)obj);
+                }
+            }
+
+            if (verify) {
+                try {
+                    loadKeyStore(keystore, false);
+                } catch (Exception e) {
+                    if ((keystore != null) || (storepass != null)) {
+                        System.out.println(rb.getString("jarsigner.error.") +
+                                        e.getMessage());
+                        System.exit(1);
+                    }
+                }
+                /*              if (debug) {
+                    SignatureFileVerifier.setDebug(true);
+                    ManifestEntryVerifier.setDebug(true);
+                }
+                */
+                verifyJar(jarfile);
+            } else {
+                loadKeyStore(keystore, true);
+                getAliasInfo(alias);
+
+                // load the alternative signing mechanism
+                if (altSignerClass != null) {
+                    signingMechanism = loadSigningMechanism(altSignerClass,
+                        altSignerClasspath);
+                }
+                signJar(jarfile, alias, args);
+            }
+        } catch (Exception e) {
+            System.out.println(rb.getString("jarsigner.error.") + e);
+            if (debug) {
+                e.printStackTrace();
+            }
+            System.exit(1);
+        } finally {
+            // zero-out private key password
+            if (keypass != null) {
+                Arrays.fill(keypass, ' ');
+                keypass = null;
+            }
+            // zero-out keystore password
+            if (storepass != null) {
+                Arrays.fill(storepass, ' ');
+                storepass = null;
+            }
+        }
+
+        if (strict) {
+            int exitCode = 0;
+            if (hasExpiringCert) {
+                exitCode |= 2;
+            }
+            if (chainNotValidated || hasExpiredCert || notYetValidCert) {
+                exitCode |= 4;
+            }
+            if (badKeyUsage || badExtendedKeyUsage || badNetscapeCertType) {
+                exitCode |= 8;
+            }
+            if (hasUnsignedEntry) {
+                exitCode |= 16;
+            }
+            if (notSignedByAlias || aliasNotInStore) {
+                exitCode |= 32;
+            }
+            if (exitCode != 0) {
+                System.exit(exitCode);
+            }
+        }
+    }
+
+    /*
+     * Parse command line arguments.
+     */
+    void parseArgs(String args[]) {
+        /* parse flags */
+        int n = 0;
+
+        if (args.length == 0) fullusage();
+        for (n=0; n < args.length; n++) {
+
+            String flags = args[n];
+            String modifier = null;
+            if (flags.charAt(0) == '-') {
+                int pos = flags.indexOf(':');
+                if (pos > 0) {
+                    modifier = flags.substring(pos+1);
+                    flags = flags.substring(0, pos);
+                }
+            }
+
+            if (collator.compare(flags, "-keystore") == 0) {
+                if (++n == args.length) usageNoArg();
+                keystore = args[n];
+            } else if (collator.compare(flags, "-storepass") ==0) {
+                if (++n == args.length) usageNoArg();
+                storepass = getPass(modifier, args[n]);
+            } else if (collator.compare(flags, "-storetype") ==0) {
+                if (++n == args.length) usageNoArg();
+                storetype = args[n];
+            } else if (collator.compare(flags, "-providerName") ==0) {
+                if (++n == args.length) usageNoArg();
+                providerName = args[n];
+            } else if ((collator.compare(flags, "-provider") == 0) ||
+                        (collator.compare(flags, "-providerClass") == 0)) {
+                if (++n == args.length) usageNoArg();
+                if (providers == null) {
+                    providers = new Vector<String>(3);
+                }
+                providers.add(args[n]);
+
+                if (args.length > (n+1)) {
+                    flags = args[n+1];
+                    if (collator.compare(flags, "-providerArg") == 0) {
+                        if (args.length == (n+2)) usageNoArg();
+                        providerArgs.put(args[n], args[n+2]);
+                        n += 2;
+                    }
+                }
+            } else if (collator.compare(flags, "-protected") ==0) {
+                protectedPath = true;
+            } else if (collator.compare(flags, "-certchain") ==0) {
+                if (++n == args.length) usageNoArg();
+                altCertChain = args[n];
+            } else if (collator.compare(flags, "-debug") ==0) {
+                debug = true;
+            } else if (collator.compare(flags, "-keypass") ==0) {
+                if (++n == args.length) usageNoArg();
+                keypass = getPass(modifier, args[n]);
+            } else if (collator.compare(flags, "-sigfile") ==0) {
+                if (++n == args.length) usageNoArg();
+                sigfile = args[n];
+            } else if (collator.compare(flags, "-signedjar") ==0) {
+                if (++n == args.length) usageNoArg();
+                signedjar = args[n];
+            } else if (collator.compare(flags, "-tsa") ==0) {
+                if (++n == args.length) usageNoArg();
+                tsaUrl = args[n];
+            } else if (collator.compare(flags, "-tsacert") ==0) {
+                if (++n == args.length) usageNoArg();
+                tsaAlias = args[n];
+            } else if (collator.compare(flags, "-altsigner") ==0) {
+                if (++n == args.length) usageNoArg();
+                altSignerClass = args[n];
+            } else if (collator.compare(flags, "-altsignerpath") ==0) {
+                if (++n == args.length) usageNoArg();
+                altSignerClasspath = args[n];
+            } else if (collator.compare(flags, "-sectionsonly") ==0) {
+                signManifest = false;
+            } else if (collator.compare(flags, "-internalsf") ==0) {
+                externalSF = false;
+            } else if (collator.compare(flags, "-verify") ==0) {
+                verify = true;
+            } else if (collator.compare(flags, "-verbose") ==0) {
+                verbose = (modifier != null) ? modifier : "all";
+            } else if (collator.compare(flags, "-sigalg") ==0) {
+                if (++n == args.length) usageNoArg();
+                sigalg = args[n];
+            } else if (collator.compare(flags, "-digestalg") ==0) {
+                if (++n == args.length) usageNoArg();
+                digestalg = args[n];
+            } else if (collator.compare(flags, "-certs") ==0) {
+                showcerts = true;
+            } else if (collator.compare(flags, "-strict") ==0) {
+                strict = true;
+            } else if (collator.compare(flags, "-h") == 0 ||
+                        collator.compare(flags, "-help") == 0) {
+                fullusage();
+            } else {
+                if (!flags.startsWith("-")) {
+                    if (jarfile == null) {
+                        jarfile = flags;
+                    } else {
+                        alias = flags;
+                        ckaliases.add(alias);
+                    }
+                } else {
+                    System.err.println(
+                            rb.getString("Illegal.option.") + flags);
+                    usage();
+                }
+            }
+        }
+
+        // -certs must always be specified with -verbose
+        if (verbose == null) showcerts = false;
+
+        if (jarfile == null) {
+            System.err.println(rb.getString("Please.specify.jarfile.name"));
+            usage();
+        }
+        if (!verify && alias == null) {
+            System.err.println(rb.getString("Please.specify.alias.name"));
+            usage();
+        }
+        if (!verify && ckaliases.size() > 1) {
+            System.err.println(rb.getString("Only.one.alias.can.be.specified"));
+            usage();
+        }
+
+        if (storetype == null) {
+            storetype = KeyStore.getDefaultType();
+        }
+        storetype = KeyStoreUtil.niceStoreTypeName(storetype);
+
+        try {
+            if (signedjar != null && new File(signedjar).getCanonicalPath().equals(
+                    new File(jarfile).getCanonicalPath())) {
+                signedjar = null;
+            }
+        } catch (IOException ioe) {
+            // File system error?
+            // Just ignore it.
+        }
+
+        if (P11KEYSTORE.equalsIgnoreCase(storetype) ||
+                KeyStoreUtil.isWindowsKeyStore(storetype)) {
+            token = true;
+            if (keystore == null) {
+                keystore = NONE;
+            }
+        }
+
+        if (NONE.equals(keystore)) {
+            nullStream = true;
+        }
+
+        if (token && !nullStream) {
+            System.err.println(MessageFormat.format(rb.getString
+                (".keystore.must.be.NONE.if.storetype.is.{0}"), storetype));
+            usage();
+        }
+
+        if (token && keypass != null) {
+            System.err.println(MessageFormat.format(rb.getString
+                (".keypass.can.not.be.specified.if.storetype.is.{0}"), storetype));
+            usage();
+        }
+
+        if (protectedPath) {
+            if (storepass != null || keypass != null) {
+                System.err.println(rb.getString
+                        ("If.protected.is.specified.then.storepass.and.keypass.must.not.be.specified"));
+                usage();
+            }
+        }
+        if (KeyStoreUtil.isWindowsKeyStore(storetype)) {
+            if (storepass != null || keypass != null) {
+                System.err.println(rb.getString
+                        ("If.keystore.is.not.password.protected.then.storepass.and.keypass.must.not.be.specified"));
+                usage();
+            }
+        }
+    }
+
+    static char[] getPass(String modifier, String arg) {
+        char[] output = KeyStoreUtil.getPassWithModifier(modifier, arg, rb);
+        if (output != null) return output;
+        usage();
+        return null;    // Useless, usage() already exit
+    }
+
+    static void usageNoArg() {
+        System.out.println(rb.getString("Option.lacks.argument"));
+        usage();
+    }
+
+    static void usage() {
+        System.out.println();
+        System.out.println(rb.getString("Please.type.jarsigner.help.for.usage"));
+        System.exit(1);
+    }
+
+    static void fullusage() {
+        System.out.println(rb.getString
+                ("Usage.jarsigner.options.jar.file.alias"));
+        System.out.println(rb.getString
+                (".jarsigner.verify.options.jar.file.alias."));
+        System.out.println();
+        System.out.println(rb.getString
+                (".keystore.url.keystore.location"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".storepass.password.password.for.keystore.integrity"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".storetype.type.keystore.type"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".keypass.password.password.for.private.key.if.different."));
+        System.out.println();
+        System.out.println(rb.getString
+                (".certchain.file.name.of.alternative.certchain.file"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".sigfile.file.name.of.SF.DSA.file"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".signedjar.file.name.of.signed.JAR.file"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".digestalg.algorithm.name.of.digest.algorithm"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".sigalg.algorithm.name.of.signature.algorithm"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".verify.verify.a.signed.JAR.file"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".verbose.suboptions.verbose.output.when.signing.verifying."));
+        System.out.println(rb.getString
+                (".suboptions.can.be.all.grouped.or.summary"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".certs.display.certificates.when.verbose.and.verifying"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".tsa.url.location.of.the.Timestamping.Authority"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".tsacert.alias.public.key.certificate.for.Timestamping.Authority"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".altsigner.class.class.name.of.an.alternative.signing.mechanism"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".internalsf.include.the.SF.file.inside.the.signature.block"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".sectionsonly.don.t.compute.hash.of.entire.manifest"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".protected.keystore.has.protected.authentication.path"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".providerName.name.provider.name"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".providerClass.class.name.of.cryptographic.service.provider.s"));
+        System.out.println(rb.getString
+                (".providerArg.arg.master.class.file.and.constructor.argument"));
+        System.out.println();
+        System.out.println(rb.getString
+                (".strict.treat.warnings.as.errors"));
+        System.out.println();
+
+        System.exit(0);
+    }
+
+    void verifyJar(String jarName)
+        throws Exception
+    {
+        boolean anySigned = false;  // if there exists entry inside jar signed
+        JarFile jf = null;
+
+        try {
+            jf = new JarFile(jarName, true);
+            Vector<JarEntry> entriesVec = new Vector<>();
+            byte[] buffer = new byte[8192];
+
+            Enumeration<JarEntry> entries = jf.entries();
+            while (entries.hasMoreElements()) {
+                JarEntry je = entries.nextElement();
+                entriesVec.addElement(je);
+                InputStream is = null;
+                try {
+                    is = jf.getInputStream(je);
+                    int n;
+                    while ((n = is.read(buffer, 0, buffer.length)) != -1) {
+                        // we just read. this will throw a SecurityException
+                        // if  a signature/digest check fails.
+                    }
+                } finally {
+                    if (is != null) {
+                        is.close();
+                    }
+                }
+            }
+
+            Manifest man = jf.getManifest();
+
+            // The map to record display info, only used when -verbose provided
+            //      key: signer info string
+            //      value: the list of files with common key
+            Map<String,List<String>> output = new LinkedHashMap<>();
+
+            if (man != null) {
+                if (verbose != null) System.out.println();
+                Enumeration<JarEntry> e = entriesVec.elements();
+
+                String tab = rb.getString("6SPACE");
+
+                while (e.hasMoreElements()) {
+                    JarEntry je = e.nextElement();
+                    String name = je.getName();
+                    CodeSigner[] signers = je.getCodeSigners();
+                    boolean isSigned = (signers != null);
+                    anySigned |= isSigned;
+                    hasUnsignedEntry |= !je.isDirectory() && !isSigned
+                                        && !signatureRelated(name);
+
+                    int inStoreOrScope = inKeyStore(signers);
+
+                    boolean inStore = (inStoreOrScope & IN_KEYSTORE) != 0;
+                    boolean inScope = (inStoreOrScope & IN_SCOPE) != 0;
+
+                    notSignedByAlias |= (inStoreOrScope & NOT_ALIAS) != 0;
+                    if (keystore != null) {
+                        aliasNotInStore |= isSigned && (!inStore && !inScope);
+                    }
+
+                    // Only used when -verbose provided
+                    StringBuffer sb = null;
+                    if (verbose != null) {
+                        sb = new StringBuffer();
+                        boolean inManifest =
+                            ((man.getAttributes(name) != null) ||
+                             (man.getAttributes("./"+name) != null) ||
+                             (man.getAttributes("/"+name) != null));
+                        sb.append(
+                          (isSigned ? rb.getString("s") : rb.getString("SPACE")) +
+                          (inManifest ? rb.getString("m") : rb.getString("SPACE")) +
+                          (inStore ? rb.getString("k") : rb.getString("SPACE")) +
+                          (inScope ? rb.getString("i") : rb.getString("SPACE")) +
+                          ((inStoreOrScope & NOT_ALIAS) != 0 ?"X":" ") +
+                          rb.getString("SPACE"));
+                        sb.append("|");
+                    }
+
+                    // When -certs provided, display info has extra empty
+                    // lines at the beginning and end.
+                    if (isSigned) {
+                        if (showcerts) sb.append('\n');
+                        for (CodeSigner signer: signers) {
+                            // signerInfo() must be called even if -verbose
+                            // not provided. The method updates various
+                            // warning flags.
+                            String si = signerInfo(signer, tab);
+                            if (showcerts) {
+                                sb.append(si);
+                                sb.append('\n');
+                            }
+                        }
+                    } else if (showcerts && !verbose.equals("all")) {
+                        // Print no info for unsigned entries when -verbose:all,
+                        // to be consistent with old behavior.
+                        if (signatureRelated(name)) {
+                            sb.append("\n" + tab + rb.getString(
+                                    ".Signature.related.entries.") + "\n\n");
+                        } else {
+                            sb.append("\n" + tab + rb.getString(
+                                    ".Unsigned.entries.") + "\n\n");
+                        }
+                    }
+
+                    if (verbose != null) {
+                        String label = sb.toString();
+                        if (signatureRelated(name)) {
+                            // Entries inside META-INF and other unsigned
+                            // entries are grouped separately.
+                            label = "-" + label;
+                        }
+
+                        // The label finally contains 2 parts separated by '|':
+                        // The legend displayed before the entry names, and
+                        // the cert info (if -certs specfied).
+
+                        if (!output.containsKey(label)) {
+                            output.put(label, new ArrayList<String>());
+                        }
+
+                        StringBuffer fb = new StringBuffer();
+                        String s = Long.toString(je.getSize());
+                        for (int i = 6 - s.length(); i > 0; --i) {
+                            fb.append(' ');
+                        }
+                        fb.append(s).append(' ').
+                                append(new Date(je.getTime()).toString());
+                        fb.append(' ').append(name);
+
+                        output.get(label).add(fb.toString());
+                    }
+                }
+            }
+            if (verbose != null) {
+                for (Entry<String,List<String>> s: output.entrySet()) {
+                    List<String> files = s.getValue();
+                    String key = s.getKey();
+                    if (key.charAt(0) == '-') { // the signature-related group
+                        key = key.substring(1);
+                    }
+                    int pipe = key.indexOf('|');
+                    if (verbose.equals("all")) {
+                        for (String f: files) {
+                            System.out.println(key.substring(0, pipe) + f);
+                            System.out.printf(key.substring(pipe+1));
+                        }
+                    } else {
+                        if (verbose.equals("grouped")) {
+                            for (String f: files) {
+                                System.out.println(key.substring(0, pipe) + f);
+                            }
+                        } else if (verbose.equals("summary")) {
+                            System.out.print(key.substring(0, pipe));
+                            if (files.size() > 1) {
+                                System.out.println(files.get(0) + " " +
+                                        String.format(rb.getString(
+                                        ".and.d.more."), files.size()-1));
+                            } else {
+                                System.out.println(files.get(0));
+                            }
+                        }
+                        System.out.printf(key.substring(pipe+1));
+                    }
+                }
+                System.out.println();
+                System.out.println(rb.getString(
+                    ".s.signature.was.verified."));
+                System.out.println(rb.getString(
+                    ".m.entry.is.listed.in.manifest"));
+                System.out.println(rb.getString(
+                    ".k.at.least.one.certificate.was.found.in.keystore"));
+                System.out.println(rb.getString(
+                    ".i.at.least.one.certificate.was.found.in.identity.scope"));
+                if (ckaliases.size() > 0) {
+                    System.out.println(rb.getString(
+                        ".X.not.signed.by.specified.alias.es."));
+                }
+                System.out.println();
+            }
+            if (man == null)
+                System.out.println(rb.getString("no.manifest."));
+
+            if (!anySigned) {
+                System.out.println(rb.getString(
+                      "jar.is.unsigned.signatures.missing.or.not.parsable."));
+            } else {
+                System.out.println(rb.getString("jar.verified."));
+                if (hasUnsignedEntry || hasExpiredCert || hasExpiringCert ||
+                    badKeyUsage || badExtendedKeyUsage || badNetscapeCertType ||
+                    notYetValidCert || chainNotValidated ||
+                    aliasNotInStore || notSignedByAlias) {
+
+                    System.out.println();
+                    System.out.println(rb.getString("Warning."));
+                    if (badKeyUsage) {
+                        System.out.println(
+                            rb.getString("This.jar.contains.entries.whose.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing."));
+                    }
+
+                    if (badExtendedKeyUsage) {
+                        System.out.println(
+                            rb.getString("This.jar.contains.entries.whose.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing."));
+                    }
+
+                    if (badNetscapeCertType) {
+                        System.out.println(
+                            rb.getString("This.jar.contains.entries.whose.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing."));
+                    }
+
+                    if (hasUnsignedEntry) {
+                        System.out.println(rb.getString(
+                            "This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked."));
+                    }
+                    if (hasExpiredCert) {
+                        System.out.println(rb.getString(
+                            "This.jar.contains.entries.whose.signer.certificate.has.expired."));
+                    }
+                    if (hasExpiringCert) {
+                        System.out.println(rb.getString(
+                            "This.jar.contains.entries.whose.signer.certificate.will.expire.within.six.months."));
+                    }
+                    if (notYetValidCert) {
+                        System.out.println(rb.getString(
+                            "This.jar.contains.entries.whose.signer.certificate.is.not.yet.valid."));
+                    }
+
+                    if (chainNotValidated) {
+                        System.out.println(
+                                rb.getString("This.jar.contains.entries.whose.certificate.chain.is.not.validated."));
+                    }
+
+                    if (notSignedByAlias) {
+                        System.out.println(
+                                rb.getString("This.jar.contains.signed.entries.which.is.not.signed.by.the.specified.alias.es."));
+                    }
+
+                    if (aliasNotInStore) {
+                        System.out.println(rb.getString("This.jar.contains.signed.entries.that.s.not.signed.by.alias.in.this.keystore."));
+                    }
+                    if (! (verbose != null && showcerts)) {
+                        System.out.println();
+                        System.out.println(rb.getString(
+                            "Re.run.with.the.verbose.and.certs.options.for.more.details."));
+                    }
+                }
+            }
+            return;
+        } catch (Exception e) {
+            System.out.println(rb.getString("jarsigner.") + e);
+            if (debug) {
+                e.printStackTrace();
+            }
+        } finally { // close the resource
+            if (jf != null) {
+                jf.close();
+            }
+        }
+
+        System.exit(1);
+    }
+
+    private static MessageFormat validityTimeForm = null;
+    private static MessageFormat notYetTimeForm = null;
+    private static MessageFormat expiredTimeForm = null;
+    private static MessageFormat expiringTimeForm = null;
+
+    /*
+     * Display some details about a certificate:
+     *
+     * [<tab>] <cert-type> [", " <subject-DN>] [" (" <keystore-entry-alias> ")"]
+     * [<validity-period> | <expiry-warning>]
+     *
+     * Note: no newline character at the end
+     */
+    String printCert(String tab, Certificate c, boolean checkValidityPeriod,
+        Date timestamp, boolean checkUsage) {
+
+        StringBuilder certStr = new StringBuilder();
+        String space = rb.getString("SPACE");
+        X509Certificate x509Cert = null;
+
+        if (c instanceof X509Certificate) {
+            x509Cert = (X509Certificate) c;
+            certStr.append(tab).append(x509Cert.getType())
+                .append(rb.getString("COMMA"))
+                .append(x509Cert.getSubjectDN().getName());
+        } else {
+            certStr.append(tab).append(c.getType());
+        }
+
+        String alias = storeHash.get(c);
+        if (alias != null) {
+            certStr.append(space).append(alias);
+        }
+
+        if (checkValidityPeriod && x509Cert != null) {
+
+            certStr.append("\n").append(tab).append("[");
+            Date notAfter = x509Cert.getNotAfter();
+            try {
+                boolean printValidity = true;
+                if (timestamp == null) {
+                    x509Cert.checkValidity();
+                    // test if cert will expire within six months
+                    if (notAfter.getTime() < System.currentTimeMillis() + SIX_MONTHS) {
+                        hasExpiringCert = true;
+                        if (expiringTimeForm == null) {
+                            expiringTimeForm = new MessageFormat(
+                                rb.getString("certificate.will.expire.on"));
+                        }
+                        Object[] source = { notAfter };
+                        certStr.append(expiringTimeForm.format(source));
+                        printValidity = false;
+                    }
+                } else {
+                    x509Cert.checkValidity(timestamp);
+                }
+                if (printValidity) {
+                    if (validityTimeForm == null) {
+                        validityTimeForm = new MessageFormat(
+                            rb.getString("certificate.is.valid.from"));
+                    }
+                    Object[] source = { x509Cert.getNotBefore(), notAfter };
+                    certStr.append(validityTimeForm.format(source));
+                }
+            } catch (CertificateExpiredException cee) {
+                hasExpiredCert = true;
+
+                if (expiredTimeForm == null) {
+                    expiredTimeForm = new MessageFormat(
+                        rb.getString("certificate.expired.on"));
+                }
+                Object[] source = { notAfter };
+                certStr.append(expiredTimeForm.format(source));
+
+            } catch (CertificateNotYetValidException cnyve) {
+                notYetValidCert = true;
+
+                if (notYetTimeForm == null) {
+                    notYetTimeForm = new MessageFormat(
+                        rb.getString("certificate.is.not.valid.until"));
+                }
+                Object[] source = { x509Cert.getNotBefore() };
+                certStr.append(notYetTimeForm.format(source));
+            }
+            certStr.append("]");
+
+            if (checkUsage) {
+                boolean[] bad = new boolean[3];
+                checkCertUsage(x509Cert, bad);
+                if (bad[0] || bad[1] || bad[2]) {
+                    String x = "";
+                    if (bad[0]) {
+                        x ="KeyUsage";
+                    }
+                    if (bad[1]) {
+                        if (x.length() > 0) x = x + ", ";
+                        x = x + "ExtendedKeyUsage";
+                    }
+                    if (bad[2]) {
+                        if (x.length() > 0) x = x + ", ";
+                        x = x + "NetscapeCertType";
+                    }
+                    certStr.append("\n").append(tab)
+                        .append(MessageFormat.format(rb.getString(
+                        ".{0}.extension.does.not.support.code.signing."), x));
+                }
+            }
+        }
+        return certStr.toString();
+    }
+
+    private static MessageFormat signTimeForm = null;
+
+    private String printTimestamp(String tab, Timestamp timestamp) {
+
+        if (signTimeForm == null) {
+            signTimeForm =
+                new MessageFormat(rb.getString("entry.was.signed.on"));
+        }
+        Object[] source = { timestamp.getTimestamp() };
+
+        return new StringBuilder().append(tab).append("[")
+            .append(signTimeForm.format(source)).append("]").toString();
+    }
+
+    private Map<CodeSigner,Integer> cacheForInKS = new IdentityHashMap<>();
+
+    private int inKeyStoreForOneSigner(CodeSigner signer) {
+        if (cacheForInKS.containsKey(signer)) {
+            return cacheForInKS.get(signer);
+        }
+
+        boolean found = false;
+        int result = 0;
+        List<? extends Certificate> certs = signer.getSignerCertPath().getCertificates();
+        for (Certificate c : certs) {
+            String alias = storeHash.get(c);
+            if (alias != null) {
+                if (alias.startsWith("(")) {
+                    result |= IN_KEYSTORE;
+                } else if (alias.startsWith("[")) {
+                    result |= IN_SCOPE;
+                }
+                if (ckaliases.contains(alias.substring(1, alias.length() - 1))) {
+                    result |= SIGNED_BY_ALIAS;
+                }
+            } else {
+                if (store != null) {
+                    try {
+                        alias = store.getCertificateAlias(c);
+                    } catch (KeyStoreException kse) {
+                        // never happens, because keystore has been loaded
+                    }
+                    if (alias != null) {
+                        storeHash.put(c, "(" + alias + ")");
+                        found = true;
+                        result |= IN_KEYSTORE;
+                    }
+                }
+                if (ckaliases.contains(alias)) {
+                    result |= SIGNED_BY_ALIAS;
+                }
+            }
+        }
+        cacheForInKS.put(signer, result);
+        return result;
+    }
+
+    Hashtable<Certificate, String> storeHash = new Hashtable<>();
+
+    int inKeyStore(CodeSigner[] signers) {
+
+        if (signers == null)
+            return 0;
+
+        int output = 0;
+
+        for (CodeSigner signer: signers) {
+            int result = inKeyStoreForOneSigner(signer);
+            output |= result;
+        }
+        if (ckaliases.size() > 0 && (output & SIGNED_BY_ALIAS) == 0) {
+            output |= NOT_ALIAS;
+        }
+        return output;
+    }
+
+    void signJar(String jarName, String alias, String[] args)
+        throws Exception {
+        boolean aliasUsed = false;
+        X509Certificate tsaCert = null;
+
+        if (sigfile == null) {
+            sigfile = alias;
+            aliasUsed = true;
+        }
+
+        if (sigfile.length() > 8) {
+            sigfile = sigfile.substring(0, 8).toUpperCase(Locale.ENGLISH);
+        } else {
+            sigfile = sigfile.toUpperCase(Locale.ENGLISH);
+        }
+
+        StringBuilder tmpSigFile = new StringBuilder(sigfile.length());
+        for (int j = 0; j < sigfile.length(); j++) {
+            char c = sigfile.charAt(j);
+            if (!
+                ((c>= 'A' && c<= 'Z') ||
+                (c>= '0' && c<= '9') ||
+                (c == '-') ||
+                (c == '_'))) {
+                if (aliasUsed) {
+                    // convert illegal characters from the alias to be _'s
+                    c = '_';
+                } else {
+                 throw new
+                   RuntimeException(rb.getString
+                        ("signature.filename.must.consist.of.the.following.characters.A.Z.0.9.or."));
+                }
+            }
+            tmpSigFile.append(c);
+        }
+
+        sigfile = tmpSigFile.toString();
+
+        String tmpJarName;
+        if (signedjar == null) tmpJarName = jarName+".sig";
+        else tmpJarName = signedjar;
+
+        File jarFile = new File(jarName);
+        File signedJarFile = new File(tmpJarName);
+
+        // Open the jar (zip) file
+        try {
+            zipFile = new ZipFile(jarName);
+        } catch (IOException ioe) {
+            error(rb.getString("unable.to.open.jar.file.")+jarName, ioe);
+        }
+
+        FileOutputStream fos = null;
+        try {
+            fos = new FileOutputStream(signedJarFile);
+        } catch (IOException ioe) {
+            error(rb.getString("unable.to.create.")+tmpJarName, ioe);
+        }
+
+        PrintStream ps = new PrintStream(fos);
+        ZipOutputStream zos = new ZipOutputStream(ps);
+
+        /* First guess at what they might be - we don't xclude RSA ones. */
+        String sfFilename = (META_INF + sigfile + ".SF").toUpperCase(Locale.ENGLISH);
+        String bkFilename = (META_INF + sigfile + ".DSA").toUpperCase(Locale.ENGLISH);
+
+        Manifest manifest = new Manifest();
+        Map<String,Attributes> mfEntries = manifest.getEntries();
+
+        // The Attributes of manifest before updating
+        Attributes oldAttr = null;
+
+        boolean mfModified = false;
+        boolean mfCreated = false;
+        byte[] mfRawBytes = null;
+
+        try {
+            MessageDigest digests[] = { MessageDigest.getInstance(digestalg) };
+
+            // Check if manifest exists
+            ZipEntry mfFile;
+            if ((mfFile = getManifestFile(zipFile)) != null) {
+                // Manifest exists. Read its raw bytes.
+                mfRawBytes = getBytes(zipFile, mfFile);
+                manifest.read(new ByteArrayInputStream(mfRawBytes));
+                oldAttr = (Attributes)(manifest.getMainAttributes().clone());
+            } else {
+                // Create new manifest
+                Attributes mattr = manifest.getMainAttributes();
+                mattr.putValue(Attributes.Name.MANIFEST_VERSION.toString(),
+                               "1.0");
+                String javaVendor = System.getProperty("java.vendor");
+                String jdkVersion = System.getProperty("java.version");
+                mattr.putValue("Created-By", jdkVersion + " (" +javaVendor
+                               + ")");
+                mfFile = new ZipEntry(JarFile.MANIFEST_NAME);
+                mfCreated = true;
+            }
+
+            /*
+             * For each entry in jar
+             * (except for signature-related META-INF entries),
+             * do the following:
+             *
+             * - if entry is not contained in manifest, add it to manifest;
+             * - if entry is contained in manifest, calculate its hash and
+             *   compare it with the one in the manifest; if they are
+             *   different, replace the hash in the manifest with the newly
+             *   generated one. (This may invalidate existing signatures!)
+             */
+            BASE64Encoder encoder = new JarBASE64Encoder();
+            Vector<ZipEntry> mfFiles = new Vector<>();
+
+            boolean wasSigned = false;
+
+            for (Enumeration<? extends ZipEntry> enum_=zipFile.entries();
+                        enum_.hasMoreElements();) {
+                ZipEntry ze = enum_.nextElement();
+
+                if (ze.getName().startsWith(META_INF)) {
+                    // Store META-INF files in vector, so they can be written
+                    // out first
+                    mfFiles.addElement(ze);
+
+                    if (SignatureFileVerifier.isBlockOrSF(
+                            ze.getName().toUpperCase(Locale.ENGLISH))) {
+                        wasSigned = true;
+                    }
+
+                    if (signatureRelated(ze.getName())) {
+                        // ignore signature-related and manifest files
+                        continue;
+                    }
+                }
+
+                if (manifest.getAttributes(ze.getName()) != null) {
+                    // jar entry is contained in manifest, check and
+                    // possibly update its digest attributes
+                    if (updateDigests(ze, zipFile, digests, encoder,
+                                      manifest) == true) {
+                        mfModified = true;
+                    }
+                } else if (!ze.isDirectory()) {
+                    // Add entry to manifest
+                    Attributes attrs = getDigestAttributes(ze, zipFile,
+                                                           digests,
+                                                           encoder);
+                    mfEntries.put(ze.getName(), attrs);
+                    mfModified = true;
+                }
+            }
+
+            // Recalculate the manifest raw bytes if necessary
+            if (mfModified) {
+                ByteArrayOutputStream baos = new ByteArrayOutputStream();
+                manifest.write(baos);
+                if (wasSigned) {
+                    byte[] newBytes = baos.toByteArray();
+                    if (mfRawBytes != null
+                            && oldAttr.equals(manifest.getMainAttributes())) {
+
+                        /*
+                         * Note:
+                         *
+                         * The Attributes object is based on HashMap and can handle
+                         * continuation columns. Therefore, even if the contents are
+                         * not changed (in a Map view), the bytes that it write()
+                         * may be different from the original bytes that it read()
+                         * from. Since the signature on the main attributes is based
+                         * on raw bytes, we must retain the exact bytes.
+                         */
+
+                        int newPos = findHeaderEnd(newBytes);
+                        int oldPos = findHeaderEnd(mfRawBytes);
+
+                        if (newPos == oldPos) {
+                            System.arraycopy(mfRawBytes, 0, newBytes, 0, oldPos);
+                        } else {
+                            // cat oldHead newTail > newBytes
+                            byte[] lastBytes = new byte[oldPos +
+                                    newBytes.length - newPos];
+                            System.arraycopy(mfRawBytes, 0, lastBytes, 0, oldPos);
+                            System.arraycopy(newBytes, newPos, lastBytes, oldPos,
+                                    newBytes.length - newPos);
+                            newBytes = lastBytes;
+                        }
+                    }
+                    mfRawBytes = newBytes;
+                } else {
+                    mfRawBytes = baos.toByteArray();
+                }
+            }
+
+            // Write out the manifest
+            if (mfModified) {
+                // manifest file has new length
+                mfFile = new ZipEntry(JarFile.MANIFEST_NAME);
+            }
+            if (verbose != null) {
+                if (mfCreated) {
+                    System.out.println(rb.getString(".adding.") +
+                                        mfFile.getName());
+                } else if (mfModified) {
+                    System.out.println(rb.getString(".updating.") +
+                                        mfFile.getName());
+                }
+            }
+            zos.putNextEntry(mfFile);
+            zos.write(mfRawBytes);
+
+            // Calculate SignatureFile (".SF") and SignatureBlockFile
+            ManifestDigester manDig = new ManifestDigester(mfRawBytes);
+            SignatureFile sf = new SignatureFile(digests, manifest, manDig,
+                                                 sigfile, signManifest);
+
+            if (tsaAlias != null) {
+                tsaCert = getTsaCert(tsaAlias);
+            }
+
+            SignatureFile.Block block = null;
+
+            try {
+                block =
+                    sf.generateBlock(privateKey, sigalg, certChain,
+                        externalSF, tsaUrl, tsaCert, signingMechanism, args,
+                        zipFile);
+            } catch (SocketTimeoutException e) {
+                // Provide a helpful message when TSA is beyond a firewall
+                error(rb.getString("unable.to.sign.jar.") +
+                rb.getString("no.response.from.the.Timestamping.Authority.") +
+                "\n  -J-Dhttp.proxyHost=<hostname>" +
+                "\n  -J-Dhttp.proxyPort=<portnumber>\n" +
+                rb.getString("or") +
+                "\n  -J-Dhttps.proxyHost=<hostname> " +
+                "\n  -J-Dhttps.proxyPort=<portnumber> ", e);
+            }
+
+            sfFilename = sf.getMetaName();
+            bkFilename = block.getMetaName();
+
+            ZipEntry sfFile = new ZipEntry(sfFilename);
+            ZipEntry bkFile = new ZipEntry(bkFilename);
+
+            long time = System.currentTimeMillis();
+            sfFile.setTime(time);
+            bkFile.setTime(time);
+
+            // signature file
+            zos.putNextEntry(sfFile);
+            sf.write(zos);
+            if (verbose != null) {
+                if (zipFile.getEntry(sfFilename) != null) {
+                    System.out.println(rb.getString(".updating.") +
+                                sfFilename);
+                } else {
+                    System.out.println(rb.getString(".adding.") +
+                                sfFilename);
+                }
+            }
+
+            if (verbose != null) {
+                if (tsaUrl != null || tsaCert != null) {
+                    System.out.println(
+                        rb.getString("requesting.a.signature.timestamp"));
+                }
+                if (tsaUrl != null) {
+                    System.out.println(rb.getString("TSA.location.") + tsaUrl);
+                }
+                if (tsaCert != null) {
+                    URI tsaURI = TimestampedSigner.getTimestampingURI(tsaCert);
+                    if (tsaURI != null) {
+                        System.out.println(rb.getString("TSA.location.") +
+                            tsaURI);
+                    }
+                    System.out.println(rb.getString("TSA.certificate.") +
+                        printCert("", tsaCert, false, null, false));
+                }
+                if (signingMechanism != null) {
+                    System.out.println(
+                        rb.getString("using.an.alternative.signing.mechanism"));
+                }
+            }
+
+            // signature block file
+            zos.putNextEntry(bkFile);
+            block.write(zos);
+            if (verbose != null) {
+                if (zipFile.getEntry(bkFilename) != null) {
+                    System.out.println(rb.getString(".updating.") +
+                        bkFilename);
+                } else {
+                    System.out.println(rb.getString(".adding.") +
+                        bkFilename);
+                }
+            }
+
+            // Write out all other META-INF files that we stored in the
+            // vector
+            for (int i=0; i<mfFiles.size(); i++) {
+                ZipEntry ze = mfFiles.elementAt(i);
+                if (!ze.getName().equalsIgnoreCase(JarFile.MANIFEST_NAME)
+                    && !ze.getName().equalsIgnoreCase(sfFilename)
+                    && !ze.getName().equalsIgnoreCase(bkFilename)) {
+                    writeEntry(zipFile, zos, ze);
+                }
+            }
+
+            // Write out all other files
+            for (Enumeration<? extends ZipEntry> enum_=zipFile.entries();
+                        enum_.hasMoreElements();) {
+                ZipEntry ze = enum_.nextElement();
+
+                if (!ze.getName().startsWith(META_INF)) {
+                    if (verbose != null) {
+                        if (manifest.getAttributes(ze.getName()) != null)
+                          System.out.println(rb.getString(".signing.") +
+                                ze.getName());
+                        else
+                          System.out.println(rb.getString(".adding.") +
+                                ze.getName());
+                    }
+                    writeEntry(zipFile, zos, ze);
+                }
+            }
+        } catch(IOException ioe) {
+            error(rb.getString("unable.to.sign.jar.")+ioe, ioe);
+        } finally {
+            // close the resouces
+            if (zipFile != null) {
+                zipFile.close();
+                zipFile = null;
+            }
+
+            if (zos != null) {
+                zos.close();
+            }
+        }
+
+        // no IOException thrown in the follow try clause, so disable
+        // the try clause.
+        // try {
+            if (signedjar == null) {
+                // attempt an atomic rename. If that fails,
+                // rename the original jar file, then the signed
+                // one, then delete the original.
+                if (!signedJarFile.renameTo(jarFile)) {
+                    File origJar = new File(jarName+".orig");
+
+                    if (jarFile.renameTo(origJar)) {
+                        if (signedJarFile.renameTo(jarFile)) {
+                            origJar.delete();
+                        } else {
+                            MessageFormat form = new MessageFormat(rb.getString
+                        ("attempt.to.rename.signedJarFile.to.jarFile.failed"));
+                            Object[] source = {signedJarFile, jarFile};
+                            error(form.format(source));
+                        }
+                    } else {
+                        MessageFormat form = new MessageFormat(rb.getString
+                            ("attempt.to.rename.jarFile.to.origJar.failed"));
+                        Object[] source = {jarFile, origJar};
+                        error(form.format(source));
+                    }
+                }
+            }
+
+            if (hasExpiredCert || hasExpiringCert || notYetValidCert
+                    || badKeyUsage || badExtendedKeyUsage
+                    || badNetscapeCertType || chainNotValidated) {
+                System.out.println();
+
+                System.out.println(rb.getString("Warning."));
+                if (badKeyUsage) {
+                    System.out.println(
+                        rb.getString("The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing."));
+                }
+
+                if (badExtendedKeyUsage) {
+                    System.out.println(
+                        rb.getString("The.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing."));
+                }
+
+                if (badNetscapeCertType) {
+                    System.out.println(
+                        rb.getString("The.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing."));
+                }
+
+                if (hasExpiredCert) {
+                    System.out.println(
+                        rb.getString("The.signer.certificate.has.expired."));
+                } else if (hasExpiringCert) {
+                    System.out.println(
+                        rb.getString("The.signer.certificate.will.expire.within.six.months."));
+                } else if (notYetValidCert) {
+                    System.out.println(
+                        rb.getString("The.signer.certificate.is.not.yet.valid."));
+                }
+
+                if (chainNotValidated) {
+                    System.out.println(
+                            rb.getString("The.signer.s.certificate.chain.is.not.validated."));
+                }
+            }
+
+        // no IOException thrown in the above try clause, so disable
+        // the catch clause.
+        // } catch(IOException ioe) {
+        //     error(rb.getString("unable.to.sign.jar.")+ioe, ioe);
+        // }
+    }
+
+    /**
+     * Find the length of header inside bs. The header is a multiple (>=0)
+     * lines of attributes plus an empty line. The empty line is included
+     * in the header.
+     */
+    @SuppressWarnings("fallthrough")
+    private int findHeaderEnd(byte[] bs) {
+        // Initial state true to deal with empty header
+        boolean newline = true;     // just met a newline
+        int len = bs.length;
+        for (int i=0; i<len; i++) {
+            switch (bs[i]) {
+                case '\r':
+                    if (i < len - 1 && bs[i+1] == '\n') i++;
+                    // fallthrough
+                case '\n':
+                    if (newline) return i+1;    //+1 to get length
+                    newline = true;
+                    break;
+                default:
+                    newline = false;
+            }
+        }
+        // If header end is not found, it means the MANIFEST.MF has only
+        // the main attributes section and it does not end with 2 newlines.
+        // Returns the whole length so that it can be completely replaced.
+        return len;
+    }
+
+    /**
+     * signature-related files include:
+     * . META-INF/MANIFEST.MF
+     * . META-INF/SIG-*
+     * . META-INF/*.SF
+     * . META-INF/*.DSA
+     * . META-INF/*.RSA
+     * . META-INF/*.EC
+     */
+    private boolean signatureRelated(String name) {
+        String ucName = name.toUpperCase(Locale.ENGLISH);
+        if (ucName.equals(JarFile.MANIFEST_NAME) ||
+            ucName.equals(META_INF) ||
+            (ucName.startsWith(SIG_PREFIX) &&
+                ucName.indexOf("/") == ucName.lastIndexOf("/"))) {
+            return true;
+        }
+
+        if (ucName.startsWith(META_INF) &&
+            SignatureFileVerifier.isBlockOrSF(ucName)) {
+            // .SF/.DSA/.RSA/.EC files in META-INF subdirs
+            // are not considered signature-related
+            return (ucName.indexOf("/") == ucName.lastIndexOf("/"));
+        }
+
+        return false;
+    }
+
+    Map<CodeSigner,String> cacheForSignerInfo = new IdentityHashMap<>();
+
+    /**
+     * Returns a string of singer info, with a newline at the end
+     */
+    private String signerInfo(CodeSigner signer, String tab) {
+        if (cacheForSignerInfo.containsKey(signer)) {
+            return cacheForSignerInfo.get(signer);
+        }
+        StringBuffer s = new StringBuffer();
+        List<? extends Certificate> certs = signer.getSignerCertPath().getCertificates();
+        // display the signature timestamp, if present
+        Date timestamp;
+        Timestamp ts = signer.getTimestamp();
+        if (ts != null) {
+            s.append(printTimestamp(tab, ts));
+            s.append('\n');
+            timestamp = ts.getTimestamp();
+        } else {
+            timestamp = null;
+        }
+        // display the certificate(s). The first one is end-entity cert and
+        // its KeyUsage should be checked.
+        boolean first = true;
+        for (Certificate c : certs) {
+            s.append(printCert(tab, c, true, timestamp, first));
+            s.append('\n');
+            first = false;
+        }
+        try {
+            CertPath cp = certificateFactory.generateCertPath(certs);
+            validator.validate(cp, pkixParameters);
+        } catch (Exception e) {
+            if (debug) {
+                e.printStackTrace();
+            }
+            if (e.getCause() != null &&
+                    (e.getCause() instanceof CertificateExpiredException ||
+                     e.getCause() instanceof CertificateNotYetValidException)) {
+                // No more warning, we alreay have hasExpiredCert or notYetValidCert
+            } else {
+                chainNotValidated = true;
+                s.append(tab + rb.getString(".CertPath.not.validated.") +
+                        e.getLocalizedMessage() + "]\n");   // TODO
+            }
+        }
+        String result = s.toString();
+        cacheForSignerInfo.put(signer, result);
+        return result;
+    }
+
+    private void writeEntry(ZipFile zf, ZipOutputStream os, ZipEntry ze)
+    throws IOException
+    {
+        ZipEntry ze2 = new ZipEntry(ze.getName());
+        ze2.setMethod(ze.getMethod());
+        ze2.setTime(ze.getTime());
+        ze2.setComment(ze.getComment());
+        ze2.setExtra(ze.getExtra());
+        if (ze.getMethod() == ZipEntry.STORED) {
+            ze2.setSize(ze.getSize());
+            ze2.setCrc(ze.getCrc());
+        }
+        os.putNextEntry(ze2);
+        writeBytes(zf, ze, os);
+    }
+
+    /**
+     * Writes all the bytes for a given entry to the specified output stream.
+     */
+    private synchronized void writeBytes
+        (ZipFile zf, ZipEntry ze, ZipOutputStream os) throws IOException {
+        int n;
+
+        InputStream is = null;
+        try {
+            is = zf.getInputStream(ze);
+            long left = ze.getSize();
+
+            while((left > 0) && (n = is.read(buffer, 0, buffer.length)) != -1) {
+                os.write(buffer, 0, n);
+                left -= n;
+            }
+        } finally {
+            if (is != null) {
+                is.close();
+            }
+        }
+    }
+
+    void loadKeyStore(String keyStoreName, boolean prompt) {
+
+        if (!nullStream && keyStoreName == null) {
+            keyStoreName = System.getProperty("user.home") + File.separator
+                + ".keystore";
+        }
+
+        try {
+
+            certificateFactory = CertificateFactory.getInstance("X.509");
+            validator = CertPathValidator.getInstance("PKIX");
+            Set<TrustAnchor> tas = new HashSet<>();
+            try {
+                KeyStore caks = KeyStoreUtil.getCacertsKeyStore();
+                if (caks != null) {
+                    Enumeration<String> aliases = caks.aliases();
+                    while (aliases.hasMoreElements()) {
+                        String a = aliases.nextElement();
+                        try {
+                            tas.add(new TrustAnchor((X509Certificate)caks.getCertificate(a), null));
+                        } catch (Exception e2) {
+                            // ignore, when a SecretkeyEntry does not include a cert
+                        }
+                    }
+                }
+            } catch (Exception e) {
+                // Ignore, if cacerts cannot be loaded
+            }
+
+            if (providerName == null) {
+                store = KeyStore.getInstance(storetype);
+            } else {
+                store = KeyStore.getInstance(storetype, providerName);
+            }
+
+            // Get pass phrase
+            // XXX need to disable echo; on UNIX, call getpass(char *prompt)Z
+            // and on NT call ??
+            if (token && storepass == null && !protectedPath
+                    && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
+                storepass = getPass
+                        (rb.getString("Enter.Passphrase.for.keystore."));
+            } else if (!token && storepass == null && prompt) {
+                storepass = getPass
+                        (rb.getString("Enter.Passphrase.for.keystore."));
+            }
+
+            try {
+                if (nullStream) {
+                    store.load(null, storepass);
+                } else {
+                    keyStoreName = keyStoreName.replace(File.separatorChar, '/');
+                    URL url = null;
+                    try {
+                        url = new URL(keyStoreName);
+                    } catch (java.net.MalformedURLException e) {
+                        // try as file
+                        url = new File(keyStoreName).toURI().toURL();
+                    }
+                    InputStream is = null;
+                    try {
+                        is = url.openStream();
+                        store.load(is, storepass);
+                    } finally {
+                        if (is != null) {
+                            is.close();
+                        }
+                    }
+                }
+                Enumeration<String> aliases = store.aliases();
+                while (aliases.hasMoreElements()) {
+                    String a = aliases.nextElement();
+                    try {
+                        X509Certificate c = (X509Certificate)store.getCertificate(a);
+                        // Only add TrustedCertificateEntry and self-signed
+                        // PrivateKeyEntry
+                        if (store.isCertificateEntry(a) ||
+                                c.getSubjectDN().equals(c.getIssuerDN())) {
+                            tas.add(new TrustAnchor(c, null));
+                        }
+                    } catch (Exception e2) {
+                        // ignore, when a SecretkeyEntry does not include a cert
+                    }
+                }
+            } finally {
+                try {
+                    pkixParameters = new PKIXParameters(tas);
+                    pkixParameters.setRevocationEnabled(false);
+                } catch (InvalidAlgorithmParameterException ex) {
+                    // Only if tas is empty
+                }
+            }
+        } catch (IOException ioe) {
+            throw new RuntimeException(rb.getString("keystore.load.") +
+                                        ioe.getMessage());
+        } catch (java.security.cert.CertificateException ce) {
+            throw new RuntimeException(rb.getString("certificate.exception.") +
+                                        ce.getMessage());
+        } catch (NoSuchProviderException pe) {
+            throw new RuntimeException(rb.getString("keystore.load.") +
+                                        pe.getMessage());
+        } catch (NoSuchAlgorithmException nsae) {
+            throw new RuntimeException(rb.getString("keystore.load.") +
+                                        nsae.getMessage());
+        } catch (KeyStoreException kse) {
+            throw new RuntimeException
+                (rb.getString("unable.to.instantiate.keystore.class.") +
+                kse.getMessage());
+        }
+    }
+
+    X509Certificate getTsaCert(String alias) {
+
+        java.security.cert.Certificate cs = null;
+
+        try {
+            cs = store.getCertificate(alias);
+        } catch (KeyStoreException kse) {
+            // this never happens, because keystore has been loaded
+        }
+        if (cs == null || (!(cs instanceof X509Certificate))) {
+            MessageFormat form = new MessageFormat(rb.getString
+                ("Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the"));
+            Object[] source = {alias, alias};
+            error(form.format(source));
+        }
+        return (X509Certificate) cs;
+    }
+
+    /**
+     * Check if userCert is designed to be a code signer
+     * @param userCert the certificate to be examined
+     * @param bad 3 booleans to show if the KeyUsage, ExtendedKeyUsage,
+     *            NetscapeCertType has codeSigning flag turned on.
+     *            If null, the class field badKeyUsage, badExtendedKeyUsage,
+     *            badNetscapeCertType will be set.
+     */
+    void checkCertUsage(X509Certificate userCert, boolean[] bad) {
+
+        // Can act as a signer?
+        // 1. if KeyUsage, then [0:digitalSignature] or
+        //    [1:nonRepudiation] should be true
+        // 2. if ExtendedKeyUsage, then should contains ANY or CODE_SIGNING
+        // 3. if NetscapeCertType, then should contains OBJECT_SIGNING
+        // 1,2,3 must be true
+
+        if (bad != null) {
+            bad[0] = bad[1] = bad[2] = false;
+        }
+
+        boolean[] keyUsage = userCert.getKeyUsage();
+        if (keyUsage != null) {
+            keyUsage = Arrays.copyOf(keyUsage, 9);
+            if (!keyUsage[0] && !keyUsage[1]) {
+                if (bad != null) {
+                    bad[0] = true;
+                    badKeyUsage = true;
+                }
+            }
+        }
+
+        try {
+            List<String> xKeyUsage = userCert.getExtendedKeyUsage();
+            if (xKeyUsage != null) {
+                if (!xKeyUsage.contains("2.5.29.37.0") // anyExtendedKeyUsage
+                        && !xKeyUsage.contains("1.3.6.1.5.5.7.3.3")) {  // codeSigning
+                    if (bad != null) {
+                        bad[1] = true;
+                        badExtendedKeyUsage = true;
+                    }
+                }
+            }
+        } catch (java.security.cert.CertificateParsingException e) {
+            // shouldn't happen
+        }
+
+        try {
+            // OID_NETSCAPE_CERT_TYPE
+            byte[] netscapeEx = userCert.getExtensionValue
+                    ("2.16.840.1.113730.1.1");
+            if (netscapeEx != null) {
+                DerInputStream in = new DerInputStream(netscapeEx);
+                byte[] encoded = in.getOctetString();
+                encoded = new DerValue(encoded).getUnalignedBitString()
+                        .toByteArray();
+
+                NetscapeCertTypeExtension extn =
+                        new NetscapeCertTypeExtension(encoded);
+
+                Boolean val = extn.get(NetscapeCertTypeExtension.OBJECT_SIGNING);
+                if (!val) {
+                    if (bad != null) {
+                        bad[2] = true;
+                        badNetscapeCertType = true;
+                    }
+                }
+            }
+        } catch (IOException e) {
+            //
+        }
+    }
+
+    void getAliasInfo(String alias) {
+
+        Key key = null;
+
+        try {
+            java.security.cert.Certificate[] cs = null;
+            if (altCertChain != null) {
+                try {
+                    cs = CertificateFactory.getInstance("X.509").
+                            generateCertificates(new FileInputStream(altCertChain)).
+                            toArray(new Certificate[0]);
+                } catch (CertificateException ex) {
+                    error(rb.getString("Cannot.restore.certchain.from.file.specified"));
+                } catch (FileNotFoundException ex) {
+                    error(rb.getString("File.specified.by.certchain.does.not.exist"));
+                }
+            } else {
+                try {
+                    cs = store.getCertificateChain(alias);
+                } catch (KeyStoreException kse) {
+                    // this never happens, because keystore has been loaded
+                }
+            }
+            if (cs == null || cs.length == 0) {
+                if (altCertChain != null) {
+                    error(rb.getString
+                            ("Certificate.chain.not.found.in.the.file.specified."));
+                } else {
+                    MessageFormat form = new MessageFormat(rb.getString
+                        ("Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and"));
+                    Object[] source = {alias, alias};
+                    error(form.format(source));
+                }
+            }
+
+            certChain = new X509Certificate[cs.length];
+            for (int i=0; i<cs.length; i++) {
+                if (!(cs[i] instanceof X509Certificate)) {
+                    error(rb.getString
+                        ("found.non.X.509.certificate.in.signer.s.chain"));
+                }
+                certChain[i] = (X509Certificate)cs[i];
+            }
+
+            // We don't meant to print anything, the next call
+            // checks validity and keyUsage etc
+            printCert("", certChain[0], true, null, true);
+
+            try {
+                CertPath cp = certificateFactory.generateCertPath(Arrays.asList(certChain));
+                validator.validate(cp, pkixParameters);
+            } catch (Exception e) {
+                if (debug) {
+                    e.printStackTrace();
+                }
+                if (e.getCause() != null &&
+                        (e.getCause() instanceof CertificateExpiredException ||
+                        e.getCause() instanceof CertificateNotYetValidException)) {
+                    // No more warning, we alreay have hasExpiredCert or notYetValidCert
+                } else {
+                    chainNotValidated = true;
+                }
+            }
+
+            try {
+                if (!token && keypass == null)
+                    key = store.getKey(alias, storepass);
+                else
+                    key = store.getKey(alias, keypass);
+            } catch (UnrecoverableKeyException e) {
+                if (token) {
+                    throw e;
+                } else if (keypass == null) {
+                    // Did not work out, so prompt user for key password
+                    MessageFormat form = new MessageFormat(rb.getString
+                        ("Enter.key.password.for.alias."));
+                    Object[] source = {alias};
+                    keypass = getPass(form.format(source));
+                    key = store.getKey(alias, keypass);
+                }
+            }
+        } catch (NoSuchAlgorithmException e) {
+            error(e.getMessage());
+        } catch (UnrecoverableKeyException e) {
+            error(rb.getString("unable.to.recover.key.from.keystore"));
+        } catch (KeyStoreException kse) {
+            // this never happens, because keystore has been loaded
+        }
+
+        if (!(key instanceof PrivateKey)) {
+            MessageFormat form = new MessageFormat(rb.getString
+                ("key.associated.with.alias.not.a.private.key"));
+            Object[] source = {alias};
+            error(form.format(source));
+        } else {
+            privateKey = (PrivateKey)key;
+        }
+    }
+
+    void error(String message)
+    {
+        System.out.println(rb.getString("jarsigner.")+message);
+        System.exit(1);
+    }
+
+
+    void error(String message, Exception e)
+    {
+        System.out.println(rb.getString("jarsigner.")+message);
+        if (debug) {
+            e.printStackTrace();
+        }
+        System.exit(1);
+    }
+
+    char[] getPass(String prompt)
+    {
+        System.err.print(prompt);
+        System.err.flush();
+        try {
+            char[] pass = Password.readPassword(System.in);
+
+            if (pass == null) {
+                error(rb.getString("you.must.enter.key.password"));
+            } else {
+                return pass;
+            }
+        } catch (IOException ioe) {
+            error(rb.getString("unable.to.read.password.")+ioe.getMessage());
+        }
+        // this shouldn't happen
+        return null;
+    }
+
+    /*
+     * Reads all the bytes for a given zip entry.
+     */
+    private synchronized byte[] getBytes(ZipFile zf,
+                                         ZipEntry ze) throws IOException {
+        int n;
+
+        InputStream is = null;
+        try {
+            is = zf.getInputStream(ze);
+            baos.reset();
+            long left = ze.getSize();
+
+            while((left > 0) && (n = is.read(buffer, 0, buffer.length)) != -1) {
+                baos.write(buffer, 0, n);
+                left -= n;
+            }
+        } finally {
+            if (is != null) {
+                is.close();
+            }
+        }
+
+        return baos.toByteArray();
+    }
+
+    /*
+     * Returns manifest entry from given jar file, or null if given jar file
+     * does not have a manifest entry.
+     */
+    private ZipEntry getManifestFile(ZipFile zf) {
+        ZipEntry ze = zf.getEntry(JarFile.MANIFEST_NAME);
+        if (ze == null) {
+            // Check all entries for matching name
+            Enumeration<? extends ZipEntry> enum_ = zf.entries();
+            while (enum_.hasMoreElements() && ze == null) {
+                ze = enum_.nextElement();
+                if (!JarFile.MANIFEST_NAME.equalsIgnoreCase
+                    (ze.getName())) {
+                    ze = null;
+                }
+            }
+        }
+        return ze;
+    }
+
+    /*
+     * Computes the digests of a zip entry, and returns them as an array
+     * of base64-encoded strings.
+     */
+    private synchronized String[] getDigests(ZipEntry ze, ZipFile zf,
+                                             MessageDigest[] digests,
+                                             BASE64Encoder encoder)
+        throws IOException {
+
+        int n, i;
+        InputStream is = null;
+        try {
+            is = zf.getInputStream(ze);
+            long left = ze.getSize();
+            while((left > 0)
+                && (n = is.read(buffer, 0, buffer.length)) != -1) {
+                for (i=0; i<digests.length; i++) {
+                    digests[i].update(buffer, 0, n);
+                }
+                left -= n;
+            }
+        } finally {
+            if (is != null) {
+                is.close();
+            }
+        }
+
+        // complete the digests
+        String[] base64Digests = new String[digests.length];
+        for (i=0; i<digests.length; i++) {
+            base64Digests[i] = encoder.encode(digests[i].digest());
+        }
+        return base64Digests;
+    }
+
+    /*
+     * Computes the digests of a zip entry, and returns them as a list of
+     * attributes
+     */
+    private Attributes getDigestAttributes(ZipEntry ze, ZipFile zf,
+                                           MessageDigest[] digests,
+                                           BASE64Encoder encoder)
+        throws IOException {
+
+        String[] base64Digests = getDigests(ze, zf, digests, encoder);
+        Attributes attrs = new Attributes();
+
+        for (int i=0; i<digests.length; i++) {
+            attrs.putValue(digests[i].getAlgorithm()+"-Digest",
+                           base64Digests[i]);
+        }
+        return attrs;
+    }
+
+    /*
+     * Updates the digest attributes of a manifest entry, by adding or
+     * replacing digest values.
+     * A digest value is added if the manifest entry does not contain a digest
+     * for that particular algorithm.
+     * A digest value is replaced if it is obsolete.
+     *
+     * Returns true if the manifest entry has been changed, and false
+     * otherwise.
+     */
+    private boolean updateDigests(ZipEntry ze, ZipFile zf,
+                                  MessageDigest[] digests,
+                                  BASE64Encoder encoder,
+                                  Manifest mf) throws IOException {
+        boolean update = false;
+
+        Attributes attrs = mf.getAttributes(ze.getName());
+        String[] base64Digests = getDigests(ze, zf, digests, encoder);
+
+        for (int i=0; i<digests.length; i++) {
+            // The entry name to be written into attrs
+            String name = null;
+            try {
+                // Find if the digest already exists
+                AlgorithmId aid = AlgorithmId.get(digests[i].getAlgorithm());
+                for (Object key: attrs.keySet()) {
+                    if (key instanceof Attributes.Name) {
+                        String n = ((Attributes.Name)key).toString();
+                        if (n.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST")) {
+                            String tmp = n.substring(0, n.length() - 7);
+                            if (AlgorithmId.get(tmp).equals(aid)) {
+                                name = n;
+                                break;
+                            }
+                        }
+                    }
+                }
+            } catch (NoSuchAlgorithmException nsae) {
+                // Ignored. Writing new digest entry.
+            }
+
+            if (name == null) {
+                name = digests[i].getAlgorithm()+"-Digest";
+                attrs.putValue(name, base64Digests[i]);
+                update=true;
+            } else {
+                // compare digests, and replace the one in the manifest
+                // if they are different
+                String mfDigest = attrs.getValue(name);
+                if (!mfDigest.equalsIgnoreCase(base64Digests[i])) {
+                    attrs.putValue(name, base64Digests[i]);
+                    update=true;
+                }
+            }
+        }
+        return update;
+    }
+
+    /*
+     * Try to load the specified signing mechanism.
+     * The URL class loader is used.
+     */
+    private ContentSigner loadSigningMechanism(String signerClassName,
+        String signerClassPath) throws Exception {
+
+        // construct class loader
+        String cpString = null;   // make sure env.class.path defaults to dot
+
+        // do prepends to get correct ordering
+        cpString = PathList.appendPath(System.getProperty("env.class.path"), cpString);
+        cpString = PathList.appendPath(System.getProperty("java.class.path"), cpString);
+        cpString = PathList.appendPath(signerClassPath, cpString);
+        URL[] urls = PathList.pathToURLs(cpString);
+        ClassLoader appClassLoader = new URLClassLoader(urls);
+
+        // attempt to find signer
+        Class<?> signerClass = appClassLoader.loadClass(signerClassName);
+
+        // Check that it implements ContentSigner
+        Object signer = signerClass.newInstance();
+        if (!(signer instanceof ContentSigner)) {
+            MessageFormat form = new MessageFormat(
+                rb.getString("signerClass.is.not.a.signing.mechanism"));
+            Object[] source = {signerClass.getName()};
+            throw new IllegalArgumentException(form.format(source));
+        }
+        return (ContentSigner)signer;
+    }
+}
+
+/**
+ * This is a BASE64Encoder that does not insert a default newline at the end of
+ * every output line. This is necessary because java.util.jar does its own
+ * line management (see Manifest.make72Safe()). Inserting additional new lines
+ * can cause line-wrapping problems (see CR 6219522).
+ */
+class JarBASE64Encoder extends BASE64Encoder {
+    /**
+     * Encode the suffix that ends every output line.
+     */
+    protected void encodeLineSuffix(OutputStream aStream) throws IOException { }
+}
+
+class SignatureFile {
+
+    /** SignatureFile */
+    Manifest sf;
+
+    /** .SF base name */
+    String baseName;
+
+    public SignatureFile(MessageDigest digests[],
+                         Manifest mf,
+                         ManifestDigester md,
+                         String baseName,
+                         boolean signManifest)
+
+    {
+        this.baseName = baseName;
+
+        String version = System.getProperty("java.version");
+        String javaVendor = System.getProperty("java.vendor");
+
+        sf = new Manifest();
+        Attributes mattr = sf.getMainAttributes();
+        BASE64Encoder encoder = new JarBASE64Encoder();
+
+        mattr.putValue(Attributes.Name.SIGNATURE_VERSION.toString(), "1.0");
+        mattr.putValue("Created-By", version + " (" + javaVendor + ")");
+
+        if (signManifest) {
+            // sign the whole manifest
+            for (int i=0; i < digests.length; i++) {
+                mattr.putValue(digests[i].getAlgorithm()+"-Digest-Manifest",
+                               encoder.encode(md.manifestDigest(digests[i])));
+            }
+        }
+
+        // create digest of the manifest main attributes
+        ManifestDigester.Entry mde =
+                md.get(ManifestDigester.MF_MAIN_ATTRS, false);
+        if (mde != null) {
+            for (int i=0; i < digests.length; i++) {
+                mattr.putValue(digests[i].getAlgorithm() +
+                        "-Digest-" + ManifestDigester.MF_MAIN_ATTRS,
+                        encoder.encode(mde.digest(digests[i])));
+            }
+        } else {
+            throw new IllegalStateException
+                ("ManifestDigester failed to create " +
+                "Manifest-Main-Attribute entry");
+        }
+
+        /* go through the manifest entries and create the digests */
+
+        Map<String,Attributes> entries = sf.getEntries();
+        Iterator<Map.Entry<String,Attributes>> mit =
+                                mf.getEntries().entrySet().iterator();
+        while(mit.hasNext()) {
+            Map.Entry<String,Attributes> e = mit.next();
+            String name = e.getKey();
+            mde = md.get(name, false);
+            if (mde != null) {
+                Attributes attr = new Attributes();
+                for (int i=0; i < digests.length; i++) {
+                    attr.putValue(digests[i].getAlgorithm()+"-Digest",
+                                  encoder.encode(mde.digest(digests[i])));
+                }
+                entries.put(name, attr);
+            }
+        }
+    }
+
+    /**
+     * Writes the SignatureFile to the specified OutputStream.
+     *
+     * @param out the output stream
+     * @exception IOException if an I/O error has occurred
+     */
+
+    public void write(OutputStream out) throws IOException
+    {
+        sf.write(out);
+    }
+
+    /**
+     * get .SF file name
+     */
+    public String getMetaName()
+    {
+        return "META-INF/"+ baseName + ".SF";
+    }
+
+    /**
+     * get base file name
+     */
+    public String getBaseName()
+    {
+        return baseName;
+    }
+
+    /*
+     * Generate a signed data block.
+     * If a URL or a certificate (containing a URL) for a Timestamping
+     * Authority is supplied then a signature timestamp is generated and
+     * inserted into the signed data block.
+     *
+     * @param sigalg signature algorithm to use, or null to use default
+     * @param tsaUrl The location of the Timestamping Authority. If null
+     *               then no timestamp is requested.
+     * @param tsaCert The certificate for the Timestamping Authority. If null
+     *               then no timestamp is requested.
+     * @param signingMechanism The signing mechanism to use.
+     * @param args The command-line arguments to jarsigner.
+     * @param zipFile The original source Zip file.
+     */
+    public Block generateBlock(PrivateKey privateKey,
+                               String sigalg,
+                               X509Certificate[] certChain,
+                               boolean externalSF, String tsaUrl,
+                               X509Certificate tsaCert,
+                               ContentSigner signingMechanism,
+                               String[] args, ZipFile zipFile)
+        throws NoSuchAlgorithmException, InvalidKeyException, IOException,
+            SignatureException, CertificateException
+    {
+        return new Block(this, privateKey, sigalg, certChain, externalSF,
+                tsaUrl, tsaCert, signingMechanism, args, zipFile);
+    }
+
+
+    public static class Block {
+
+        private byte[] block;
+        private String blockFileName;
+
+        /*
+         * Construct a new signature block.
+         */
+        Block(SignatureFile sfg, PrivateKey privateKey, String sigalg,
+            X509Certificate[] certChain, boolean externalSF, String tsaUrl,
+            X509Certificate tsaCert, ContentSigner signingMechanism,
+            String[] args, ZipFile zipFile)
+            throws NoSuchAlgorithmException, InvalidKeyException, IOException,
+            SignatureException, CertificateException {
+
+            Principal issuerName = certChain[0].getIssuerDN();
+            if (!(issuerName instanceof X500Name)) {
+                // must extract the original encoded form of DN for subsequent
+                // name comparison checks (converting to a String and back to
+                // an encoded DN could cause the types of String attribute
+                // values to be changed)
+                X509CertInfo tbsCert = new
+                    X509CertInfo(certChain[0].getTBSCertificate());
+                issuerName = (Principal)
+                    tbsCert.get(CertificateIssuerName.NAME + "." +
+                                CertificateIssuerName.DN_NAME);
+            }
+            BigInteger serial = certChain[0].getSerialNumber();
+
+            String signatureAlgorithm;
+            String keyAlgorithm = privateKey.getAlgorithm();
+            /*
+             * If no signature algorithm was specified, we choose a
+             * default that is compatible with the private key algorithm.
+             */
+            if (sigalg == null) {
+
+                if (keyAlgorithm.equalsIgnoreCase("DSA"))
+                    signatureAlgorithm = "SHA1withDSA";
+                else if (keyAlgorithm.equalsIgnoreCase("RSA"))
+                    signatureAlgorithm = "SHA256withRSA";
+                else if (keyAlgorithm.equalsIgnoreCase("EC"))
+                    signatureAlgorithm = "SHA256withECDSA";
+                else
+                    throw new RuntimeException("private key is not a DSA or "
+                                               + "RSA key");
+            } else {
+                signatureAlgorithm = sigalg;
+            }
+
+            // check common invalid key/signature algorithm combinations
+            String sigAlgUpperCase = signatureAlgorithm.toUpperCase(Locale.ENGLISH);
+            if ((sigAlgUpperCase.endsWith("WITHRSA") &&
+                !keyAlgorithm.equalsIgnoreCase("RSA")) ||
+                (sigAlgUpperCase.endsWith("WITHECDSA") &&
+                !keyAlgorithm.equalsIgnoreCase("EC")) ||
+                (sigAlgUpperCase.endsWith("WITHDSA") &&
+                !keyAlgorithm.equalsIgnoreCase("DSA"))) {
+                throw new SignatureException
+                    ("private key algorithm is not compatible with signature algorithm");
+            }
+
+            blockFileName = "META-INF/"+sfg.getBaseName()+"."+keyAlgorithm;
+
+            AlgorithmId sigAlg = AlgorithmId.get(signatureAlgorithm);
+            AlgorithmId digEncrAlg = AlgorithmId.get(keyAlgorithm);
+
+            Signature sig = Signature.getInstance(signatureAlgorithm);
+            sig.initSign(privateKey);
+
+            ByteArrayOutputStream baos = new ByteArrayOutputStream();
+            sfg.write(baos);
+
+            byte[] content = baos.toByteArray();
+
+            sig.update(content);
+            byte[] signature = sig.sign();
+
+            // Timestamp the signature and generate the signature block file
+            if (signingMechanism == null) {
+                signingMechanism = new TimestampedSigner();
+            }
+            URI tsaUri = null;
+            try {
+                if (tsaUrl != null) {
+                    tsaUri = new URI(tsaUrl);
+                }
+            } catch (URISyntaxException e) {
+                throw new IOException(e);
+            }
+
+            // Assemble parameters for the signing mechanism
+            ContentSignerParameters params =
+                new JarSignerParameters(args, tsaUri, tsaCert, signature,
+                    signatureAlgorithm, certChain, content, zipFile);
+
+            // Generate the signature block
+            block = signingMechanism.generateSignedData(
+                    params, externalSF, (tsaUrl != null || tsaCert != null));
+        }
+
+        /*
+         * get block file name.
+         */
+        public String getMetaName()
+        {
+            return blockFileName;
+        }
+
+        /**
+         * Writes the block file to the specified OutputStream.
+         *
+         * @param out the output stream
+         * @exception IOException if an I/O error has occurred
+         */
+
+        public void write(OutputStream out) throws IOException
+        {
+            out.write(block);
+        }
+    }
+}
+
+
+/*
+ * This object encapsulates the parameters used to perform content signing.
+ */
+class JarSignerParameters implements ContentSignerParameters {
+
+    private String[] args;
+    private URI tsa;
+    private X509Certificate tsaCertificate;
+    private byte[] signature;
+    private String signatureAlgorithm;
+    private X509Certificate[] signerCertificateChain;
+    private byte[] content;
+    private ZipFile source;
+
+    /**
+     * Create a new object.
+     */
+    JarSignerParameters(String[] args, URI tsa, X509Certificate tsaCertificate,
+        byte[] signature, String signatureAlgorithm,
+        X509Certificate[] signerCertificateChain, byte[] content,
+        ZipFile source) {
+
+        if (signature == null || signatureAlgorithm == null ||
+            signerCertificateChain == null) {
+            throw new NullPointerException();
+        }
+        this.args = args;
+        this.tsa = tsa;
+        this.tsaCertificate = tsaCertificate;
+        this.signature = signature;
+        this.signatureAlgorithm = signatureAlgorithm;
+        this.signerCertificateChain = signerCertificateChain;
+        this.content = content;
+        this.source = source;
+    }
+
+    /**
+     * Retrieves the command-line arguments.
+     *
+     * @return The command-line arguments. May be null.
+     */
+    public String[] getCommandLine() {
+        return args;
+    }
+
+    /**
+     * Retrieves the identifier for a Timestamping Authority (TSA).
+     *
+     * @return The TSA identifier. May be null.
+     */
+    public URI getTimestampingAuthority() {
+        return tsa;
+    }
+
+    /**
+     * Retrieves the certificate for a Timestamping Authority (TSA).
+     *
+     * @return The TSA certificate. May be null.
+     */
+    public X509Certificate getTimestampingAuthorityCertificate() {
+        return tsaCertificate;
+    }
+
+    /**
+     * Retrieves the signature.
+     *
+     * @return The non-null signature bytes.
+     */
+    public byte[] getSignature() {
+        return signature;
+    }
+
+    /**
+     * Retrieves the name of the signature algorithm.
+     *
+     * @return The non-null string name of the signature algorithm.
+     */
+    public String getSignatureAlgorithm() {
+        return signatureAlgorithm;
+    }
+
+    /**
+     * Retrieves the signer's X.509 certificate chain.
+     *
+     * @return The non-null array of X.509 public-key certificates.
+     */
+    public X509Certificate[] getSignerCertificateChain() {
+        return signerCertificateChain;
+    }
+
+    /**
+     * Retrieves the content that was signed.
+     *
+     * @return The content bytes. May be null.
+     */
+    public byte[] getContent() {
+        return content;
+    }
+
+    /**
+     * Retrieves the original source ZIP file before it was signed.
+     *
+     * @return The original ZIP file. May be null.
+     */
+    public ZipFile getSource() {
+        return source;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/jarsigner/Resources.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,247 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.jarsigner;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for JarSigner.
+ *
+ */
+public class Resources extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+
+        // shared (from jarsigner)
+        {"SPACE", " "},
+        {"2SPACE", "  "},
+        {"6SPACE", "      "},
+        {"COMMA", ", "},
+
+        {"provName.not.a.provider", "{0} not a provider"},
+        {"signerClass.is.not.a.signing.mechanism", "{0} is not a signing mechanism"},
+        {"jarsigner.error.", "jarsigner error: "},
+        {"Illegal.option.", "Illegal option: "},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "-keystore must be NONE if -storetype is {0}"},
+        {".keypass.can.not.be.specified.if.storetype.is.{0}",
+                "-keypass can not be specified if -storetype is {0}"},
+        {"If.protected.is.specified.then.storepass.and.keypass.must.not.be.specified",
+                "If -protected is specified, then -storepass and -keypass must not be specified"},
+        {"If.keystore.is.not.password.protected.then.storepass.and.keypass.must.not.be.specified",
+                 "If keystore is not password protected, then -storepass and -keypass must not be specified"},
+        {"Usage.jarsigner.options.jar.file.alias",
+                "Usage: jarsigner [options] jar-file alias"},
+        {".jarsigner.verify.options.jar.file.alias.",
+                "       jarsigner -verify [options] jar-file [alias...]"},
+        {".keystore.url.keystore.location",
+                "[-keystore <url>]           keystore location"},
+        {".storepass.password.password.for.keystore.integrity",
+            "[-storepass <password>]     password for keystore integrity"},
+        {".storetype.type.keystore.type",
+                "[-storetype <type>]         keystore type"},
+        {".keypass.password.password.for.private.key.if.different.",
+                "[-keypass <password>]       password for private key (if different)"},
+        {".certchain.file.name.of.alternative.certchain.file",
+                "[-certchain <file>]         name of alternative certchain file"},
+        {".sigfile.file.name.of.SF.DSA.file",
+                "[-sigfile <file>]           name of .SF/.DSA file"},
+        {".signedjar.file.name.of.signed.JAR.file",
+                "[-signedjar <file>]         name of signed JAR file"},
+        {".digestalg.algorithm.name.of.digest.algorithm",
+                "[-digestalg <algorithm>]    name of digest algorithm"},
+        {".sigalg.algorithm.name.of.signature.algorithm",
+                "[-sigalg <algorithm>]       name of signature algorithm"},
+        {".verify.verify.a.signed.JAR.file",
+                "[-verify]                   verify a signed JAR file"},
+        {".verbose.suboptions.verbose.output.when.signing.verifying.",
+                "[-verbose[:suboptions]]     verbose output when signing/verifying."},
+        {".suboptions.can.be.all.grouped.or.summary",
+                "                            suboptions can be all, grouped or summary"},
+        {".certs.display.certificates.when.verbose.and.verifying",
+                "[-certs]                    display certificates when verbose and verifying"},
+        {".tsa.url.location.of.the.Timestamping.Authority",
+                "[-tsa <url>]                location of the Timestamping Authority"},
+        {".tsacert.alias.public.key.certificate.for.Timestamping.Authority",
+                "[-tsacert <alias>]          public key certificate for Timestamping Authority"},
+        {".altsigner.class.class.name.of.an.alternative.signing.mechanism",
+                "[-altsigner <class>]        class name of an alternative signing mechanism"},
+        {".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism",
+                "[-altsignerpath <pathlist>] location of an alternative signing mechanism"},
+        {".internalsf.include.the.SF.file.inside.the.signature.block",
+                "[-internalsf]               include the .SF file inside the signature block"},
+        {".sectionsonly.don.t.compute.hash.of.entire.manifest",
+                "[-sectionsonly]             don't compute hash of entire manifest"},
+        {".protected.keystore.has.protected.authentication.path",
+                "[-protected]                keystore has protected authentication path"},
+        {".providerName.name.provider.name",
+                "[-providerName <name>]      provider name"},
+        {".providerClass.class.name.of.cryptographic.service.provider.s",
+                "[-providerClass <class>     name of cryptographic service provider's"},
+        {".providerArg.arg.master.class.file.and.constructor.argument",
+                "  [-providerArg <arg>]] ... master class file and constructor argument"},
+        {".strict.treat.warnings.as.errors",
+                "[-strict]                   treat warnings as errors"},
+        {"Option.lacks.argument", "Option lacks argument"},
+        {"Please.type.jarsigner.help.for.usage", "Please type jarsigner -help for usage"},
+        {"Please.specify.jarfile.name", "Please specify jarfile name"},
+        {"Please.specify.alias.name", "Please specify alias name"},
+        {"Only.one.alias.can.be.specified", "Only one alias can be specified"},
+        {"This.jar.contains.signed.entries.which.is.not.signed.by.the.specified.alias.es.",
+                 "This jar contains signed entries which is not signed by the specified alias(es)."},
+        {"This.jar.contains.signed.entries.that.s.not.signed.by.alias.in.this.keystore.",
+                  "This jar contains signed entries that's not signed by alias in this keystore."},
+        {"s", "s"},
+        {"m", "m"},
+        {"k", "k"},
+        {"i", "i"},
+        {".and.d.more.", "(and %d more)"},
+        {".s.signature.was.verified.",
+                "  s = signature was verified "},
+        {".m.entry.is.listed.in.manifest",
+                "  m = entry is listed in manifest"},
+        {".k.at.least.one.certificate.was.found.in.keystore",
+                "  k = at least one certificate was found in keystore"},
+        {".i.at.least.one.certificate.was.found.in.identity.scope",
+                "  i = at least one certificate was found in identity scope"},
+        {".X.not.signed.by.specified.alias.es.",
+                "  X = not signed by specified alias(es)"},
+        {"no.manifest.", "no manifest."},
+        {".Signature.related.entries.","(Signature related entries)"},
+        {".Unsigned.entries.", "(Unsigned entries)"},
+        {"jar.is.unsigned.signatures.missing.or.not.parsable.",
+                "jar is unsigned. (signatures missing or not parsable)"},
+        {"jar.verified.", "jar verified."},
+        {"jarsigner.", "jarsigner: "},
+        {"signature.filename.must.consist.of.the.following.characters.A.Z.0.9.or.",
+                "signature filename must consist of the following characters: A-Z, 0-9, _ or -"},
+        {"unable.to.open.jar.file.", "unable to open jar file: "},
+        {"unable.to.create.", "unable to create: "},
+        {".adding.", "   adding: "},
+        {".updating.", " updating: "},
+        {".signing.", "  signing: "},
+        {"attempt.to.rename.signedJarFile.to.jarFile.failed",
+                "attempt to rename {0} to {1} failed"},
+        {"attempt.to.rename.jarFile.to.origJar.failed",
+                "attempt to rename {0} to {1} failed"},
+        {"unable.to.sign.jar.", "unable to sign jar: "},
+        {"Enter.Passphrase.for.keystore.", "Enter Passphrase for keystore: "},
+        {"keystore.load.", "keystore load: "},
+        {"certificate.exception.", "certificate exception: "},
+        {"unable.to.instantiate.keystore.class.",
+                "unable to instantiate keystore class: "},
+        {"Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and",
+                "Certificate chain not found for: {0}.  {1} must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain."},
+        {"File.specified.by.certchain.does.not.exist",
+                "File specified by -certchain does not exist"},
+        {"Cannot.restore.certchain.from.file.specified",
+                "Cannot restore certchain from file specified"},
+        {"Certificate.chain.not.found.in.the.file.specified.",
+                "Certificate chain not found in the file specified."},
+        {"found.non.X.509.certificate.in.signer.s.chain",
+                "found non-X.509 certificate in signer's chain"},
+        {"incomplete.certificate.chain", "incomplete certificate chain"},
+        {"Enter.key.password.for.alias.", "Enter key password for {0}: "},
+        {"unable.to.recover.key.from.keystore",
+                "unable to recover key from keystore"},
+        {"key.associated.with.alias.not.a.private.key",
+                "key associated with {0} not a private key"},
+        {"you.must.enter.key.password", "you must enter key password"},
+        {"unable.to.read.password.", "unable to read password: "},
+        {"certificate.is.valid.from", "certificate is valid from {0} to {1}"},
+        {"certificate.expired.on", "certificate expired on {0}"},
+        {"certificate.is.not.valid.until",
+                "certificate is not valid until {0}"},
+        {"certificate.will.expire.on", "certificate will expire on {0}"},
+        {".CertPath.not.validated.", "[CertPath not validated: "},
+        {"requesting.a.signature.timestamp",
+                "requesting a signature timestamp"},
+        {"TSA.location.", "TSA location: "},
+        {"TSA.certificate.", "TSA certificate: "},
+        {"no.response.from.the.Timestamping.Authority.",
+                "no response from the Timestamping Authority. When connecting"
+                + " from behind a firewall an HTTP or HTTPS proxy may need to"
+                + " be specified. Supply the following options to jarsigner:"},
+        {"or", "or"},
+        {"Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the",
+                "Certificate not found for: {0}.  {1} must reference a valid KeyStore entry containing an X.509 public key certificate for the Timestamping Authority."},
+        {"using.an.alternative.signing.mechanism",
+                "using an alternative signing mechanism"},
+        {"entry.was.signed.on", "entry was signed on {0}"},
+        {"Warning.", "Warning: "},
+        {"This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked.",
+                "This jar contains unsigned entries which have not been integrity-checked. "},
+        {"This.jar.contains.entries.whose.signer.certificate.has.expired.",
+                "This jar contains entries whose signer certificate has expired. "},
+        {"This.jar.contains.entries.whose.signer.certificate.will.expire.within.six.months.",
+                "This jar contains entries whose signer certificate will expire within six months. "},
+        {"This.jar.contains.entries.whose.signer.certificate.is.not.yet.valid.",
+                "This jar contains entries whose signer certificate is not yet valid. "},
+        {"Re.run.with.the.verbose.option.for.more.details.",
+                "Re-run with the -verbose option for more details."},
+        {"Re.run.with.the.verbose.and.certs.options.for.more.details.",
+                "Re-run with the -verbose and -certs options for more details."},
+        {"The.signer.certificate.has.expired.",
+                "The signer certificate has expired."},
+        {"The.signer.certificate.will.expire.within.six.months.",
+                "The signer certificate will expire within six months."},
+        {"The.signer.certificate.is.not.yet.valid.",
+                "The signer certificate is not yet valid."},
+        {"The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
+                 "The signer certificate's KeyUsage extension doesn't allow code signing."},
+        {"The.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
+                 "The signer certificate's ExtendedKeyUsage extension doesn't allow code signing."},
+        {"The.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
+                 "The signer certificate's NetscapeCertType extension doesn't allow code signing."},
+        {"This.jar.contains.entries.whose.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
+                 "This jar contains entries whose signer certificate's KeyUsage extension doesn't allow code signing."},
+        {"This.jar.contains.entries.whose.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
+                 "This jar contains entries whose signer certificate's ExtendedKeyUsage extension doesn't allow code signing."},
+        {"This.jar.contains.entries.whose.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
+                 "This jar contains entries whose signer certificate's NetscapeCertType extension doesn't allow code signing."},
+        {".{0}.extension.does.not.support.code.signing.",
+                 "[{0} extension does not support code signing]"},
+        {"The.signer.s.certificate.chain.is.not.validated.",
+                "The signer's certificate chain is not validated."},
+        {"This.jar.contains.entries.whose.certificate.chain.is.not.validated.",
+                 "This jar contains entries whose certificate chain is not validated."},
+        {"Unknown.password.type.", "Unknown password type: "},
+        {"Cannot.find.environment.variable.",
+                "Cannot find environment variable: "},
+        {"Cannot.find.file.", "Cannot find file: "},
+    };
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/jarsigner/Resources_ja.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,245 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.jarsigner;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for JarSigner.
+ *
+ */
+public class Resources_ja extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+
+        // shared (from jarsigner)
+        {"SPACE", " "},
+        {"2SPACE", "  "},
+        {"6SPACE", "      "},
+        {"COMMA", ", "},
+
+        {"provName.not.a.provider", "{0}\u306F\u30D7\u30ED\u30D0\u30A4\u30C0\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
+        {"signerClass.is.not.a.signing.mechanism", "{0}\u306F\u7F72\u540D\u30E1\u30AB\u30CB\u30BA\u30E0\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
+        {"jarsigner.error.", "jarsigner\u30A8\u30E9\u30FC: "},
+        {"Illegal.option.", "\u4E0D\u6B63\u306A\u30AA\u30D7\u30B7\u30E7\u30F3: "},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "-storetype\u304C{0}\u306E\u5834\u5408\u3001-keystore\u306FNONE\u3067\u3042\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
+        {".keypass.can.not.be.specified.if.storetype.is.{0}",
+                "-storetype\u304C{0}\u306E\u5834\u5408\u3001-keypass\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
+        {"If.protected.is.specified.then.storepass.and.keypass.must.not.be.specified",
+                "-protected\u3092\u6307\u5B9A\u3059\u308B\u5834\u5408\u306F\u3001-storepass\u304A\u3088\u3073-keypass\u3092\u6307\u5B9A\u3057\u306A\u3044\u3067\u304F\u3060\u3055\u3044"},
+        {"If.keystore.is.not.password.protected.then.storepass.and.keypass.must.not.be.specified",
+                 "\u30AD\u30FC\u30B9\u30C8\u30A2\u304C\u30D1\u30B9\u30EF\u30FC\u30C9\u3067\u4FDD\u8B77\u3055\u308C\u3066\u3044\u306A\u3044\u5834\u5408\u3001-storepass\u304A\u3088\u3073-keypass\u3092\u6307\u5B9A\u3057\u306A\u3044\u3067\u304F\u3060\u3055\u3044"},
+        {"Usage.jarsigner.options.jar.file.alias",
+                "\u4F7F\u7528\u65B9\u6CD5: jarsigner [options] jar-file alias"},
+        {".jarsigner.verify.options.jar.file.alias.",
+                "       jarsigner -verify [options] jar-file [alias...]"},
+        {".keystore.url.keystore.location",
+                "[-keystore <url>]       \u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u4F4D\u7F6E"},
+        {".storepass.password.password.for.keystore.integrity",
+            "[-storepass <password>]   \u30AD\u30FC\u30B9\u30C8\u30A2\u6574\u5408\u6027\u306E\u305F\u3081\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"},
+        {".storetype.type.keystore.type",
+                "[-storetype <type>]     \u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u578B"},
+        {".keypass.password.password.for.private.key.if.different.",
+                "[-keypass <password>]    \u79D8\u5BC6\u9375\u306E\u30D1\u30B9\u30EF\u30FC\u30C9(\u7570\u306A\u308B\u5834\u5408)"},
+        {".certchain.file.name.of.alternative.certchain.file",
+                "[-certchain <file>]         \u4EE3\u66FF\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u30FB\u30D5\u30A1\u30A4\u30EB\u306E\u540D\u524D"},
+        {".sigfile.file.name.of.SF.DSA.file",
+                "[-sigfile <file>]       .SF/.DSA\u30D5\u30A1\u30A4\u30EB\u306E\u540D\u524D"},
+        {".signedjar.file.name.of.signed.JAR.file",
+                "[-signedjar <file>]     \u7F72\u540D\u4ED8\u304DJAR\u30D5\u30A1\u30A4\u30EB\u306E\u540D\u524D"},
+        {".digestalg.algorithm.name.of.digest.algorithm",
+                "[-digestalg <algorithm>]  \u30C0\u30A4\u30B8\u30A7\u30B9\u30C8\u30FB\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\u306E\u540D\u524D"},
+        {".sigalg.algorithm.name.of.signature.algorithm",
+                "[-sigalg <algorithm>]    \u7F72\u540D\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\u306E\u540D\u524D"},
+        {".verify.verify.a.signed.JAR.file",
+                "[-verify]            \u7F72\u540D\u4ED8\u304DJAR\u30D5\u30A1\u30A4\u30EB\u306E\u691C\u8A3C"},
+        {".verbose.suboptions.verbose.output.when.signing.verifying.",
+                "[-verbose[:suboptions]]     \u7F72\u540D/\u691C\u8A3C\u6642\u306E\u8A73\u7D30\u51FA\u529B\u3002"},
+        {".suboptions.can.be.all.grouped.or.summary",
+                "                            \u30B5\u30D6\u30AA\u30D7\u30B7\u30E7\u30F3\u3068\u3057\u3066\u3001\u3059\u3079\u3066\u3001\u30B0\u30EB\u30FC\u30D7\u307E\u305F\u306F\u30B5\u30DE\u30EA\u30FC\u3092\u4F7F\u7528\u3067\u304D\u307E\u3059"},
+        {".certs.display.certificates.when.verbose.and.verifying",
+                "[-certs]             \u8A73\u7D30\u51FA\u529B\u304A\u3088\u3073\u691C\u8A3C\u6642\u306B\u8A3C\u660E\u66F8\u3092\u8868\u793A"},
+        {".tsa.url.location.of.the.Timestamping.Authority",
+                "[-tsa <url>]          \u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u5C40\u306E\u5834\u6240"},
+        {".tsacert.alias.public.key.certificate.for.Timestamping.Authority",
+                "[-tsacert <alias>]      \u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u5C40\u306E\u516C\u958B\u9375\u8A3C\u660E\u66F8"},
+        {".altsigner.class.class.name.of.an.alternative.signing.mechanism",
+                "[-altsigner <class>]     \u4EE3\u66FF\u7F72\u540D\u30E1\u30AB\u30CB\u30BA\u30E0\u306E\u30AF\u30E9\u30B9\u540D"},
+        {".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism",
+                "[-altsignerpath <pathlist>]\u4EE3\u66FF\u7F72\u540D\u30E1\u30AB\u30CB\u30BA\u30E0\u306E\u4F4D\u7F6E"},
+        {".internalsf.include.the.SF.file.inside.the.signature.block",
+                "[-internalsf]         \u7F72\u540D\u30D6\u30ED\u30C3\u30AF\u306B.SF\u30D5\u30A1\u30A4\u30EB\u3092\u542B\u3081\u308B"},
+        {".sectionsonly.don.t.compute.hash.of.entire.manifest",
+                "[-sectionsonly]        \u30DE\u30CB\u30D5\u30A7\u30B9\u30C8\u5168\u4F53\u306E\u30CF\u30C3\u30B7\u30E5\u306F\u8A08\u7B97\u3057\u306A\u3044"},
+        {".protected.keystore.has.protected.authentication.path",
+                "[-protected]          \u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u306F\u4FDD\u8B77\u3055\u308C\u305F\u8A8D\u8A3C\u30D1\u30B9\u304C\u3042\u308B"},
+        {".providerName.name.provider.name",
+                "[-providerName <name>]   \u30D7\u30ED\u30D0\u30A4\u30C0\u540D"},
+        {".providerClass.class.name.of.cryptographic.service.provider.s",
+                "[-providerClass <class>   \u6697\u53F7\u5316\u30B5\u30FC\u30D3\u30B9\u30FB\u30D7\u30ED\u30D0\u30A4\u30C0\u306E\u540D\u524D"},
+        {".providerArg.arg.master.class.file.and.constructor.argument",
+                "  [-providerArg <arg>]] ... \u30DE\u30B9\u30BF\u30FC\u30FB\u30AF\u30E9\u30B9\u30FB\u30D5\u30A1\u30A4\u30EB\u3068\u30B3\u30F3\u30B9\u30C8\u30E9\u30AF\u30BF\u306E\u5F15\u6570"},
+        {".strict.treat.warnings.as.errors",
+                "[-strict]                   \u8B66\u544A\u3092\u30A8\u30E9\u30FC\u3068\u3057\u3066\u51E6\u7406"},
+        {"Option.lacks.argument", "\u30AA\u30D7\u30B7\u30E7\u30F3\u306B\u5F15\u6570\u304C\u3042\u308A\u307E\u305B\u3093"},
+        {"Please.type.jarsigner.help.for.usage", "\u4F7F\u7528\u65B9\u6CD5\u306B\u3064\u3044\u3066\u306Fjarsigner -help\u3068\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {"Please.specify.jarfile.name", "jarfile\u540D\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {"Please.specify.alias.name", "\u5225\u540D\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {"Only.one.alias.can.be.specified", "\u5225\u540D\u306F1\u3064\u306E\u307F\u6307\u5B9A\u3067\u304D\u307E\u3059"},
+        {"This.jar.contains.signed.entries.which.is.not.signed.by.the.specified.alias.es.",
+                 "\u3053\u306Ejar\u306B\u542B\u307E\u308C\u308B\u7F72\u540D\u6E08\u30A8\u30F3\u30C8\u30EA\u306F\u3001\u6307\u5B9A\u3055\u308C\u305F\u5225\u540D\u306B\u3088\u3063\u3066\u7F72\u540D\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002"},
+        {"This.jar.contains.signed.entries.that.s.not.signed.by.alias.in.this.keystore.",
+                  "\u3053\u306Ejar\u306B\u542B\u307E\u308C\u308B\u7F72\u540D\u6E08\u30A8\u30F3\u30C8\u30EA\u306F\u3001\u3053\u306E\u30AD\u30FC\u30B9\u30C8\u30A2\u5185\u306E\u5225\u540D\u306B\u3088\u3063\u3066\u7F72\u540D\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002"},
+        {"s", "s"},
+        {"m", "m"},
+        {"k", "k"},
+        {"i", "i"},
+        {".and.d.more.", "(\u4ED6\u306B\u3082%d\u500B)"},
+        {".s.signature.was.verified.",
+                "  s=\u7F72\u540D\u304C\u691C\u8A3C\u3055\u308C\u307E\u3057\u305F "},
+        {".m.entry.is.listed.in.manifest",
+                "  m=\u30A8\u30F3\u30C8\u30EA\u304C\u30DE\u30CB\u30D5\u30A7\u30B9\u30C8\u5185\u306B\u30EA\u30B9\u30C8\u3055\u308C\u307E\u3059"},
+        {".k.at.least.one.certificate.was.found.in.keystore",
+                "  k=1\u3064\u4EE5\u4E0A\u306E\u8A3C\u660E\u66F8\u304C\u30AD\u30FC\u30B9\u30C8\u30A2\u3067\u691C\u51FA\u3055\u308C\u307E\u3057\u305F"},
+        {".i.at.least.one.certificate.was.found.in.identity.scope",
+                "  i=1\u3064\u4EE5\u4E0A\u306E\u8A3C\u660E\u66F8\u304C\u30A2\u30A4\u30C7\u30F3\u30C6\u30A3\u30C6\u30A3\u30FB\u30B9\u30B3\u30FC\u30D7\u3067\u691C\u51FA\u3055\u308C\u307E\u3057\u305F"},
+        {".X.not.signed.by.specified.alias.es.",
+                "  X =\u6307\u5B9A\u3057\u305F\u5225\u540D\u3067\u7F72\u540D\u3055\u308C\u3066\u3044\u307E\u305B\u3093"},
+        {"no.manifest.", "\u30DE\u30CB\u30D5\u30A7\u30B9\u30C8\u306F\u5B58\u5728\u3057\u307E\u305B\u3093\u3002"},
+        {".Signature.related.entries.","(\u7F72\u540D\u95A2\u9023\u30A8\u30F3\u30C8\u30EA)"},
+        {".Unsigned.entries.", "(\u672A\u7F72\u540D\u306E\u30A8\u30F3\u30C8\u30EA)"},
+        {"jar.is.unsigned.signatures.missing.or.not.parsable.",
+                "jar\u306F\u7F72\u540D\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002(\u7F72\u540D\u304C\u898B\u3064\u304B\u3089\u306A\u3044\u304B\u3001\u69CB\u6587\u89E3\u6790\u3067\u304D\u307E\u305B\u3093)"},
+        {"jar.verified.", "jar\u304C\u691C\u8A3C\u3055\u308C\u307E\u3057\u305F\u3002"},
+        {"jarsigner.", "jarsigner: "},
+        {"signature.filename.must.consist.of.the.following.characters.A.Z.0.9.or.",
+                "\u7F72\u540D\u306E\u30D5\u30A1\u30A4\u30EB\u540D\u306B\u4F7F\u7528\u3067\u304D\u308B\u6587\u5B57\u306F\u3001A-Z\u30010-9\u3001_\u3001- \u306E\u307F\u3067\u3059\u3002"},
+        {"unable.to.open.jar.file.", "\u6B21\u306Ejar\u30D5\u30A1\u30A4\u30EB\u3092\u958B\u304F\u3053\u3068\u304C\u3067\u304D\u307E\u305B\u3093: "},
+        {"unable.to.create.", "\u4F5C\u6210\u3067\u304D\u307E\u305B\u3093: "},
+        {".adding.", "   \u8FFD\u52A0\u4E2D: "},
+        {".updating.", " \u66F4\u65B0\u4E2D: "},
+        {".signing.", "  \u7F72\u540D\u4E2D: "},
+        {"attempt.to.rename.signedJarFile.to.jarFile.failed",
+                "{0}\u306E\u540D\u524D\u3092{1}\u306B\u5909\u66F4\u3057\u3088\u3046\u3068\u3057\u307E\u3057\u305F\u304C\u5931\u6557\u3057\u307E\u3057\u305F"},
+        {"attempt.to.rename.jarFile.to.origJar.failed",
+                "{0}\u306E\u540D\u524D\u3092{1}\u306B\u5909\u66F4\u3057\u3088\u3046\u3068\u3057\u307E\u3057\u305F\u304C\u5931\u6557\u3057\u307E\u3057\u305F"},
+        {"unable.to.sign.jar.", "jar\u306B\u7F72\u540D\u3067\u304D\u307E\u305B\u3093: "},
+        {"Enter.Passphrase.for.keystore.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044: "},
+        {"keystore.load.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30ED\u30FC\u30C9: "},
+        {"certificate.exception.", "\u8A3C\u660E\u66F8\u4F8B\u5916: "},
+        {"unable.to.instantiate.keystore.class.",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30AF\u30E9\u30B9\u306E\u30A4\u30F3\u30B9\u30BF\u30F3\u30B9\u3092\u751F\u6210\u3067\u304D\u307E\u305B\u3093: "},
+        {"Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and",
+                "\u6B21\u306E\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: {0}\u3002{1}\u306F\u3001\u79D8\u5BC6\u9375\u304A\u3088\u3073\u5BFE\u5FDC\u3059\u308B\u516C\u958B\u9375\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u3092\u542B\u3080\u6709\u52B9\u306AKeyStore\u9375\u30A8\u30F3\u30C8\u30EA\u3092\u53C2\u7167\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059\u3002"},
+        {"File.specified.by.certchain.does.not.exist",
+                "-certchain\u3067\u6307\u5B9A\u3055\u308C\u3066\u3044\u308B\u30D5\u30A1\u30A4\u30EB\u306F\u5B58\u5728\u3057\u307E\u305B\u3093"},
+        {"Cannot.restore.certchain.from.file.specified",
+                "\u6307\u5B9A\u3055\u308C\u305F\u30D5\u30A1\u30A4\u30EB\u304B\u3089\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u3092\u5FA9\u5143\u3067\u304D\u307E\u305B\u3093"},
+        {"Certificate.chain.not.found.in.the.file.specified.",
+                "\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u306F\u6307\u5B9A\u3055\u308C\u305F\u30D5\u30A1\u30A4\u30EB\u306B\u898B\u3064\u304B\u308A\u307E\u305B\u3093\u3002"},
+        {"found.non.X.509.certificate.in.signer.s.chain",
+                "\u7F72\u540D\u8005\u306E\u9023\u9396\u5185\u3067\u975EX.509\u8A3C\u660E\u66F8\u304C\u691C\u51FA\u3055\u308C\u307E\u3057\u305F"},
+        {"incomplete.certificate.chain", "\u4E0D\u5B8C\u5168\u306A\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3"},
+        {"Enter.key.password.for.alias.", "{0}\u306E\u9375\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044: "},
+        {"unable.to.recover.key.from.keystore",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u304B\u3089\u9375\u3092\u5FA9\u5143\u3067\u304D\u307E\u305B\u3093"},
+        {"key.associated.with.alias.not.a.private.key",
+                "{0}\u3068\u95A2\u9023\u4ED8\u3051\u3089\u308C\u305F\u9375\u306F\u3001\u79D8\u5BC6\u9375\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
+        {"you.must.enter.key.password", "\u9375\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
+        {"unable.to.read.password.", "\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u8AAD\u307F\u8FBC\u3081\u307E\u305B\u3093: "},
+        {"certificate.is.valid.from", "\u8A3C\u660E\u66F8\u306F{0}\u304B\u3089{1}\u307E\u3067\u6709\u52B9\u3067\u3059"},
+        {"certificate.expired.on", "\u8A3C\u660E\u66F8\u306F{0}\u306B\u5931\u52B9\u3057\u307E\u3057\u305F"},
+        {"certificate.is.not.valid.until",
+                "\u8A3C\u660E\u66F8\u306F{0}\u307E\u3067\u6709\u52B9\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
+        {"certificate.will.expire.on", "\u8A3C\u660E\u66F8\u306F{0}\u306B\u5931\u52B9\u3057\u307E\u3059"},
+        {".CertPath.not.validated.", "[CertPath\u304C\u691C\u8A3C\u3055\u308C\u3066\u3044\u307E\u305B\u3093: "},
+        {"requesting.a.signature.timestamp",
+                "\u7F72\u540D\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u306E\u30EA\u30AF\u30A8\u30B9\u30C8"},
+        {"TSA.location.", "TSA\u306E\u5834\u6240: "},
+        {"TSA.certificate.", "TSA\u8A3C\u660E\u66F8: "},
+        {"no.response.from.the.Timestamping.Authority.",
+                "\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u5C40\u304B\u3089\u306E\u30EC\u30B9\u30DD\u30F3\u30B9\u304C\u3042\u308A\u307E\u305B\u3093\u3002\u30D5\u30A1\u30A4\u30A2\u30A6\u30A9\u30FC\u30EB\u3092\u4ECB\u3057\u3066\u63A5\u7D9A\u3059\u308B\u3068\u304D\u306F\u3001\u5FC5\u8981\u306B\u5FDC\u3058\u3066HTTP\u307E\u305F\u306FHTTPS\u30D7\u30ED\u30AD\u30B7\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044\u3002jarsigner\u306B\u6B21\u306E\u30AA\u30D7\u30B7\u30E7\u30F3\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044:"},
+        {"or", "\u307E\u305F\u306F"},
+        {"Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the",
+                "\u8A3C\u660E\u66F8\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093\u3067\u3057\u305F: {0}\u3002{1}\u306F\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7\u5C40\u306EX.509\u516C\u958B\u9375\u8A3C\u660E\u66F8\u304C\u542B\u307E\u308C\u3066\u3044\u308B\u6709\u52B9\u306AKeyStore\u30A8\u30F3\u30C8\u30EA\u3092\u53C2\u7167\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059\u3002"},
+        {"using.an.alternative.signing.mechanism",
+                "\u4EE3\u66FF\u7F72\u540D\u30E1\u30AB\u30CB\u30BA\u30E0\u306E\u4F7F\u7528"},
+        {"entry.was.signed.on", "\u30A8\u30F3\u30C8\u30EA\u306F{0}\u306B\u7F72\u540D\u3055\u308C\u307E\u3057\u305F"},
+        {"Warning.", "\u8B66\u544A: "},
+        {"This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked.",
+                "\u3053\u306Ejar\u306B\u306F\u3001\u6574\u5408\u6027\u30C1\u30A7\u30C3\u30AF\u3092\u3057\u3066\u3044\u306A\u3044\u672A\u7F72\u540D\u306E\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002 "},
+        {"This.jar.contains.entries.whose.signer.certificate.has.expired.",
+                "\u3053\u306Ejar\u306B\u306F\u3001\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u304C\u671F\u9650\u5207\u308C\u306E\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002 "},
+        {"This.jar.contains.entries.whose.signer.certificate.will.expire.within.six.months.",
+                "\u3053\u306Ejar\u306B\u306F\u3001\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u304C6\u304B\u6708\u4EE5\u5185\u306B\u671F\u9650\u5207\u308C\u3068\u306A\u308B\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002 "},
+        {"This.jar.contains.entries.whose.signer.certificate.is.not.yet.valid.",
+                "\u3053\u306Ejar\u306B\u306F\u3001\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u304C\u307E\u3060\u6709\u52B9\u306B\u306A\u3063\u3066\u3044\u306A\u3044\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002 "},
+        {"Re.run.with.the.verbose.option.for.more.details.",
+                "\u8A73\u7D30\u306F\u3001-verbose\u30AA\u30D7\u30B7\u30E7\u30F3\u3092\u4F7F\u7528\u3057\u3066\u518D\u5B9F\u884C\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
+        {"Re.run.with.the.verbose.and.certs.options.for.more.details.",
+                "\u8A73\u7D30\u306F\u3001-verbose\u304A\u3088\u3073-certs\u30AA\u30D7\u30B7\u30E7\u30F3\u3092\u4F7F\u7528\u3057\u3066\u518D\u5B9F\u884C\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
+        {"The.signer.certificate.has.expired.",
+                "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u306F\u671F\u9650\u5207\u308C\u3067\u3059\u3002"},
+        {"The.signer.certificate.will.expire.within.six.months.",
+                "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u306F6\u304B\u6708\u4EE5\u5185\u306B\u671F\u9650\u5207\u308C\u306B\u306A\u308A\u307E\u3059\u3002"},
+        {"The.signer.certificate.is.not.yet.valid.",
+                "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u306F\u307E\u3060\u6709\u52B9\u306B\u306A\u3063\u3066\u3044\u307E\u305B\u3093\u3002"},
+        {"The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
+                 "\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306EKeyUsage\u62E1\u5F35\u6A5F\u80FD\u3067\u306F\u3001\u30B3\u30FC\u30C9\u7F72\u540D\u306F\u8A31\u53EF\u3055\u308C\u307E\u305B\u3093\u3002"},
+        {"The.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
+                 "\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306EExtendedKeyUsage\u62E1\u5F35\u6A5F\u80FD\u3067\u306F\u3001\u30B3\u30FC\u30C9\u7F72\u540D\u306F\u8A31\u53EF\u3055\u308C\u307E\u305B\u3093\u3002"},
+        {"The.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
+                 "\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306ENetscapeCertType\u62E1\u5F35\u6A5F\u80FD\u3067\u306F\u3001\u30B3\u30FC\u30C9\u7F72\u540D\u306F\u8A31\u53EF\u3055\u308C\u307E\u305B\u3093\u3002"},
+        {"This.jar.contains.entries.whose.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
+                 "\u3053\u306Ejar\u306B\u306F\u3001\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306EKeyUsage\u62E1\u5F35\u6A5F\u80FD\u304C\u30B3\u30FC\u30C9\u7F72\u540D\u3092\u8A31\u53EF\u3057\u306A\u3044\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002"},
+        {"This.jar.contains.entries.whose.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
+                 "\u3053\u306Ejar\u306B\u306F\u3001\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306EExtendedKeyUsage\u62E1\u5F35\u6A5F\u80FD\u304C\u30B3\u30FC\u30C9\u7F72\u540D\u3092\u8A31\u53EF\u3057\u306A\u3044\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002"},
+        {"This.jar.contains.entries.whose.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
+                 "\u3053\u306Ejar\u306B\u306F\u3001\u7F72\u540D\u8005\u8A3C\u660E\u66F8\u306ENetscapeCertType\u62E1\u5F35\u6A5F\u80FD\u304C\u30B3\u30FC\u30C9\u7F72\u540D\u3092\u8A31\u53EF\u3057\u306A\u3044\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002"},
+        {".{0}.extension.does.not.support.code.signing.",
+                 "[{0}\u62E1\u5F35\u6A5F\u80FD\u306F\u30B3\u30FC\u30C9\u7F72\u540D\u3092\u30B5\u30DD\u30FC\u30C8\u3057\u3066\u3044\u307E\u305B\u3093]"},
+        {"The.signer.s.certificate.chain.is.not.validated.",
+                "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u304C\u307E\u3060\u691C\u8A3C\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002"},
+        {"This.jar.contains.entries.whose.certificate.chain.is.not.validated.",
+                 "\u3053\u306Ejar\u306B\u306F\u3001\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u304C\u307E\u3060\u691C\u8A3C\u3055\u308C\u3066\u3044\u306A\u3044\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002"},
+        {"Unknown.password.type.", "\u4E0D\u660E\u306A\u30D1\u30B9\u30EF\u30FC\u30C9\u30FB\u30BF\u30A4\u30D7: "},
+        {"Cannot.find.environment.variable.",
+                "\u74B0\u5883\u5909\u6570\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: "},
+        {"Cannot.find.file.", "\u30D5\u30A1\u30A4\u30EB\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: "},
+    };
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/jarsigner/Resources_zh_CN.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,246 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.jarsigner;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for JarSigner.
+ *
+ */
+public class Resources_zh_CN extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+
+        // shared (from jarsigner)
+        {"SPACE", " "},
+        {"2SPACE", "  "},
+        {"6SPACE", "      "},
+        {"COMMA", ", "},
+
+        {"provName.not.a.provider", "{0}\u4E0D\u662F\u63D0\u4F9B\u65B9"},
+        {"signerClass.is.not.a.signing.mechanism", "{0}\u4E0D\u662F\u7B7E\u540D\u673A\u5236"},
+        {"jarsigner.error.", "jarsigner \u9519\u8BEF: "},
+        {"Illegal.option.", "\u975E\u6CD5\u9009\u9879: "},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "\u5982\u679C -storetype \u4E3A {0}, \u5219 -keystore \u5FC5\u987B\u4E3A NONE"},
+        {".keypass.can.not.be.specified.if.storetype.is.{0}",
+                "\u5982\u679C -storetype \u4E3A {0}, \u5219\u4E0D\u80FD\u6307\u5B9A -keypass"},
+        {"If.protected.is.specified.then.storepass.and.keypass.must.not.be.specified",
+                "\u5982\u679C\u6307\u5B9A\u4E86 -protected, \u5219\u4E0D\u80FD\u6307\u5B9A -storepass \u548C -keypass"},
+        {"If.keystore.is.not.password.protected.then.storepass.and.keypass.must.not.be.specified",
+                 "\u5982\u679C\u5BC6\u94A5\u5E93\u672A\u53D7\u53E3\u4EE4\u4FDD\u62A4, \u5219\u4E0D\u80FD\u6307\u5B9A -storepass \u548C -keypass"},
+        {"Usage.jarsigner.options.jar.file.alias",
+                "\u7528\u6CD5: jarsigner [\u9009\u9879] jar\u6587\u4EF6 \u522B\u540D"},
+        {".jarsigner.verify.options.jar.file.alias.",
+                "       jarsigner -verify [\u9009\u9879] jar\u6587\u4EF6 [\u522B\u540D...]"},
+        {".keystore.url.keystore.location",
+                "[-keystore <url>]           \u5BC6\u94A5\u5E93\u4F4D\u7F6E"},
+        {".storepass.password.password.for.keystore.integrity",
+            "[-storepass <\u53E3\u4EE4>]         \u7528\u4E8E\u5BC6\u94A5\u5E93\u5B8C\u6574\u6027\u7684\u53E3\u4EE4"},
+        {".storetype.type.keystore.type",
+                "[-storetype <\u7C7B\u578B>]         \u5BC6\u94A5\u5E93\u7C7B\u578B"},
+        {".keypass.password.password.for.private.key.if.different.",
+                "[-keypass <\u53E3\u4EE4>]           \u79C1\u6709\u5BC6\u94A5\u7684\u53E3\u4EE4 (\u5982\u679C\u4E0D\u540C)"},
+        {".certchain.file.name.of.alternative.certchain.file",
+                "[-certchain <\u6587\u4EF6>]         \u66FF\u4EE3\u8BC1\u4E66\u94FE\u6587\u4EF6\u7684\u540D\u79F0"},
+        {".sigfile.file.name.of.SF.DSA.file",
+                "[-sigfile <\u6587\u4EF6>]           .SF/.DSA \u6587\u4EF6\u7684\u540D\u79F0"},
+        {".signedjar.file.name.of.signed.JAR.file",
+                "[-signedjar <\u6587\u4EF6>]         \u5DF2\u7B7E\u540D\u7684 JAR \u6587\u4EF6\u7684\u540D\u79F0"},
+        {".digestalg.algorithm.name.of.digest.algorithm",
+                "[-digestalg <\u7B97\u6CD5>]    \u6458\u8981\u7B97\u6CD5\u7684\u540D\u79F0"},
+        {".sigalg.algorithm.name.of.signature.algorithm",
+                "[-sigalg <\u7B97\u6CD5>]       \u7B7E\u540D\u7B97\u6CD5\u7684\u540D\u79F0"},
+        {".verify.verify.a.signed.JAR.file",
+                "[-verify]                   \u9A8C\u8BC1\u5DF2\u7B7E\u540D\u7684 JAR \u6587\u4EF6"},
+        {".verbose.suboptions.verbose.output.when.signing.verifying.",
+                "[-verbose[:\u5B50\u9009\u9879]]     \u7B7E\u540D/\u9A8C\u8BC1\u65F6\u8F93\u51FA\u8BE6\u7EC6\u4FE1\u606F\u3002"},
+        {".suboptions.can.be.all.grouped.or.summary",
+                "                            \u5B50\u9009\u9879\u53EF\u4EE5\u662F all, grouped \u6216 summary"},
+        {".certs.display.certificates.when.verbose.and.verifying",
+                "[-certs]                    \u8F93\u51FA\u8BE6\u7EC6\u4FE1\u606F\u548C\u9A8C\u8BC1\u65F6\u663E\u793A\u8BC1\u4E66"},
+        {".tsa.url.location.of.the.Timestamping.Authority",
+                "[-tsa <url>]                \u65F6\u95F4\u6233\u9881\u53D1\u673A\u6784\u7684\u4F4D\u7F6E"},
+        {".tsacert.alias.public.key.certificate.for.Timestamping.Authority",
+                "[-tsacert <\u522B\u540D>]           \u65F6\u95F4\u6233\u9881\u53D1\u673A\u6784\u7684\u516C\u5171\u5BC6\u94A5\u8BC1\u4E66"},
+        {".altsigner.class.class.name.of.an.alternative.signing.mechanism",
+                "[-altsigner <\u7C7B>]           \u66FF\u4EE3\u7684\u7B7E\u540D\u673A\u5236\u7684\u7C7B\u540D"},
+        {".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism",
+                "[-altsignerpath <\u8DEF\u5F84\u5217\u8868>] \u66FF\u4EE3\u7684\u7B7E\u540D\u673A\u5236\u7684\u4F4D\u7F6E"},
+        {".internalsf.include.the.SF.file.inside.the.signature.block",
+                "[-internalsf]               \u5728\u7B7E\u540D\u5757\u5185\u5305\u542B .SF \u6587\u4EF6"},
+        {".sectionsonly.don.t.compute.hash.of.entire.manifest",
+                "[-sectionsonly]             \u4E0D\u8BA1\u7B97\u6574\u4E2A\u6E05\u5355\u7684\u6563\u5217"},
+        {".protected.keystore.has.protected.authentication.path",
+                "[-protected]                \u5BC6\u94A5\u5E93\u5177\u6709\u53D7\u4FDD\u62A4\u9A8C\u8BC1\u8DEF\u5F84"},
+        {".providerName.name.provider.name",
+                "[-providerName <\u540D\u79F0>]      \u63D0\u4F9B\u65B9\u540D\u79F0"},
+        {".providerClass.class.name.of.cryptographic.service.provider.s",
+                "[-providerClass <\u7C7B>        \u52A0\u5BC6\u670D\u52A1\u63D0\u4F9B\u65B9\u7684\u540D\u79F0"},
+        {".providerArg.arg.master.class.file.and.constructor.argument",
+                "  [-providerArg <\u53C2\u6570>]]... \u4E3B\u7C7B\u6587\u4EF6\u548C\u6784\u9020\u5668\u53C2\u6570"},
+        {".strict.treat.warnings.as.errors",
+                "[-strict]                   \u5C06\u8B66\u544A\u89C6\u4E3A\u9519\u8BEF"},
+        {"Option.lacks.argument", "\u9009\u9879\u7F3A\u5C11\u53C2\u6570"},
+        {"Please.type.jarsigner.help.for.usage", "\u8BF7\u952E\u5165 jarsigner -help \u4EE5\u4E86\u89E3\u7528\u6CD5"},
+        {"Please.specify.jarfile.name", "\u8BF7\u6307\u5B9A jar \u6587\u4EF6\u7684\u540D\u79F0"},
+        {"Please.specify.alias.name", "\u8BF7\u6307\u5B9A\u522B\u540D"},
+        {"Only.one.alias.can.be.specified", "\u53EA\u80FD\u6307\u5B9A\u4E00\u4E2A\u522B\u540D"},
+        {"This.jar.contains.signed.entries.which.is.not.signed.by.the.specified.alias.es.",
+                 "\u6B64 jar \u5305\u542B\u672A\u7531\u6307\u5B9A\u522B\u540D\u7B7E\u540D\u7684\u5DF2\u7B7E\u540D\u6761\u76EE\u3002"},
+        {"This.jar.contains.signed.entries.that.s.not.signed.by.alias.in.this.keystore.",
+                  "\u6B64 jar \u5305\u542B\u672A\u7531\u6B64\u5BC6\u94A5\u5E93\u4E2D\u7684\u522B\u540D\u7B7E\u540D\u7684\u5DF2\u7B7E\u540D\u6761\u76EE\u3002"},
+        {"s", "s"},
+        {"m", "m"},
+        {"k", "k"},
+        {"i", "i"},
+        {".and.d.more.", "(%d \u53CA\u4EE5\u4E0A)"},
+        {".s.signature.was.verified.",
+                "  s = \u5DF2\u9A8C\u8BC1\u7B7E\u540D "},
+        {".m.entry.is.listed.in.manifest",
+                "  m = \u5728\u6E05\u5355\u4E2D\u5217\u51FA\u6761\u76EE"},
+        {".k.at.least.one.certificate.was.found.in.keystore",
+                "  k = \u5728\u5BC6\u94A5\u5E93\u4E2D\u81F3\u5C11\u627E\u5230\u4E86\u4E00\u4E2A\u8BC1\u4E66"},
+        {".i.at.least.one.certificate.was.found.in.identity.scope",
+                "  i = \u5728\u8EAB\u4EFD\u4F5C\u7528\u57DF\u5185\u81F3\u5C11\u627E\u5230\u4E86\u4E00\u4E2A\u8BC1\u4E66"},
+        {".X.not.signed.by.specified.alias.es.",
+                "  X = \u672A\u7531\u6307\u5B9A\u522B\u540D\u7B7E\u540D"},
+        {"no.manifest.", "\u6CA1\u6709\u6E05\u5355\u3002"},
+        {".Signature.related.entries.","(\u4E0E\u7B7E\u540D\u76F8\u5173\u7684\u6761\u76EE)"},
+        {".Unsigned.entries.", "(\u672A\u7B7E\u540D\u6761\u76EE)"},
+        {"jar.is.unsigned.signatures.missing.or.not.parsable.",
+                "jar \u672A\u7B7E\u540D\u3002(\u7F3A\u5C11\u7B7E\u540D\u6216\u65E0\u6CD5\u5BF9\u7B7E\u540D\u8FDB\u884C\u8BED\u6CD5\u5206\u6790)"},
+        {"jar.verified.", "jar \u5DF2\u9A8C\u8BC1\u3002"},
+        {"jarsigner.", "jarsigner: "},
+        {"signature.filename.must.consist.of.the.following.characters.A.Z.0.9.or.",
+                "\u7B7E\u540D\u6587\u4EF6\u540D\u5FC5\u987B\u5305\u542B\u4EE5\u4E0B\u5B57\u7B26: A-Z, 0-9, _ \u6216 -"},
+        {"unable.to.open.jar.file.", "\u65E0\u6CD5\u6253\u5F00 jar \u6587\u4EF6: "},
+        {"unable.to.create.", "\u65E0\u6CD5\u521B\u5EFA: "},
+        {".adding.", "   \u6B63\u5728\u6DFB\u52A0: "},
+        {".updating.", " \u6B63\u5728\u66F4\u65B0: "},
+        {".signing.", "  \u6B63\u5728\u7B7E\u540D: "},
+        {"attempt.to.rename.signedJarFile.to.jarFile.failed",
+                "\u5C1D\u8BD5\u5C06{0}\u91CD\u547D\u540D\u4E3A{1}\u65F6\u5931\u8D25"},
+        {"attempt.to.rename.jarFile.to.origJar.failed",
+                "\u5C1D\u8BD5\u5C06{0}\u91CD\u547D\u540D\u4E3A{1}\u65F6\u5931\u8D25"},
+        {"unable.to.sign.jar.", "\u65E0\u6CD5\u5BF9 jar \u8FDB\u884C\u7B7E\u540D: "},
+        {"Enter.Passphrase.for.keystore.", "\u8F93\u5165\u5BC6\u94A5\u5E93\u7684\u5BC6\u7801\u77ED\u8BED: "},
+        {"keystore.load.", "\u5BC6\u94A5\u5E93\u52A0\u8F7D: "},
+        {"certificate.exception.", "\u8BC1\u4E66\u5F02\u5E38\u9519\u8BEF: "},
+        {"unable.to.instantiate.keystore.class.",
+                "\u65E0\u6CD5\u5B9E\u4F8B\u5316\u5BC6\u94A5\u5E93\u7C7B: "},
+        {"Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and",
+                "\u627E\u4E0D\u5230{0}\u7684\u8BC1\u4E66\u94FE\u3002{1}\u5FC5\u987B\u5F15\u7528\u5305\u542B\u79C1\u6709\u5BC6\u94A5\u548C\u76F8\u5E94\u7684\u516C\u5171\u5BC6\u94A5\u8BC1\u4E66\u94FE\u7684\u6709\u6548 KeyStore \u5BC6\u94A5\u6761\u76EE\u3002"},
+        {"File.specified.by.certchain.does.not.exist",
+                "\u7531 -certchain \u6307\u5B9A\u7684\u6587\u4EF6\u4E0D\u5B58\u5728"},
+        {"Cannot.restore.certchain.from.file.specified",
+                "\u65E0\u6CD5\u4ECE\u6307\u5B9A\u7684\u6587\u4EF6\u8FD8\u539F\u8BC1\u4E66\u94FE"},
+        {"Certificate.chain.not.found.in.the.file.specified.",
+                "\u5728\u6307\u5B9A\u7684\u6587\u4EF6\u4E2D\u627E\u4E0D\u5230\u8BC1\u4E66\u94FE\u3002"},
+        {"found.non.X.509.certificate.in.signer.s.chain",
+                "\u5728\u7B7E\u540D\u8005\u7684\u94FE\u4E2D\u627E\u5230\u975E X.509 \u8BC1\u4E66"},
+        {"incomplete.certificate.chain", "\u8BC1\u4E66\u94FE\u4E0D\u5B8C\u6574"},
+        {"Enter.key.password.for.alias.", "\u8F93\u5165{0}\u7684\u5BC6\u94A5\u53E3\u4EE4: "},
+        {"unable.to.recover.key.from.keystore",
+                "\u65E0\u6CD5\u4ECE\u5BC6\u94A5\u5E93\u4E2D\u6062\u590D\u5BC6\u94A5"},
+        {"key.associated.with.alias.not.a.private.key",
+                "\u4E0E{0}\u5173\u8054\u7684\u5BC6\u94A5\u4E0D\u662F\u79C1\u6709\u5BC6\u94A5"},
+        {"you.must.enter.key.password", "\u5FC5\u987B\u8F93\u5165\u5BC6\u94A5\u53E3\u4EE4"},
+        {"unable.to.read.password.", "\u65E0\u6CD5\u8BFB\u53D6\u53E3\u4EE4: "},
+        {"certificate.is.valid.from", "\u8BC1\u4E66\u7684\u6709\u6548\u671F\u4E3A{0}\u81F3{1}"},
+        {"certificate.expired.on", "\u8BC1\u4E66\u5230\u671F\u65E5\u671F\u4E3A {0}"},
+        {"certificate.is.not.valid.until",
+                "\u76F4\u5230{0}, \u8BC1\u4E66\u624D\u6709\u6548"},
+        {"certificate.will.expire.on", "\u8BC1\u4E66\u5C06\u5728{0}\u5230\u671F"},
+        {".CertPath.not.validated.", "[CertPath \u672A\u9A8C\u8BC1: "},
+        {"requesting.a.signature.timestamp",
+                "\u6B63\u5728\u8BF7\u6C42\u7B7E\u540D\u65F6\u95F4\u6233"},
+        {"TSA.location.", "TSA \u4F4D\u7F6E: "},
+        {"TSA.certificate.", "TSA \u8BC1\u4E66: "},
+        {"no.response.from.the.Timestamping.Authority.",
+                "\u65F6\u95F4\u6233\u9881\u53D1\u673A\u6784\u6CA1\u6709\u54CD\u5E94\u3002\u5982\u679C\u8981\u4ECE\u9632\u706B\u5899\u540E\u9762\u8FDE\u63A5, \u5219\u53EF\u80FD\u9700\u8981\u6307\u5B9A HTTP \u6216 HTTPS \u4EE3\u7406\u3002\u8BF7\u4E3A jarsigner \u63D0\u4F9B\u4EE5\u4E0B\u9009\u9879: "},
+        {"or", "\u6216"},
+        {"Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the",
+                "\u627E\u4E0D\u5230{0}\u7684\u8BC1\u4E66\u3002{1}\u5FC5\u987B\u5F15\u7528\u5305\u542B\u65F6\u95F4\u6233\u9881\u53D1\u673A\u6784\u7684 X.509 \u516C\u5171\u5BC6\u94A5\u8BC1\u4E66\u7684\u6709\u6548 KeyStore \u6761\u76EE\u3002"},
+        {"using.an.alternative.signing.mechanism",
+                "\u6B63\u5728\u4F7F\u7528\u66FF\u4EE3\u7684\u7B7E\u540D\u673A\u5236"},
+        {"entry.was.signed.on", "\u6761\u76EE\u7684\u7B7E\u540D\u65E5\u671F\u4E3A {0}"},
+        {"Warning.", "\u8B66\u544A: "},
+        {"This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked.",
+                "\u6B64 jar \u5305\u542B\u5C1A\u672A\u8FDB\u884C\u5B8C\u6574\u6027\u68C0\u67E5\u7684\u672A\u7B7E\u540D\u6761\u76EE\u3002 "},
+        {"This.jar.contains.entries.whose.signer.certificate.has.expired.",
+                "\u6B64 jar \u5305\u542B\u7B7E\u540D\u8005\u8BC1\u4E66\u5DF2\u8FC7\u671F\u7684\u6761\u76EE\u3002 "},
+        {"This.jar.contains.entries.whose.signer.certificate.will.expire.within.six.months.",
+                "\u6B64 jar \u5305\u542B\u7B7E\u540D\u8005\u8BC1\u4E66\u5C06\u5728\u516D\u4E2A\u6708\u5185\u8FC7\u671F\u7684\u6761\u76EE\u3002 "},
+        {"This.jar.contains.entries.whose.signer.certificate.is.not.yet.valid.",
+                "\u6B64 jar \u5305\u542B\u7B7E\u540D\u8005\u8BC1\u4E66\u4ECD\u65E0\u6548\u7684\u6761\u76EE\u3002 "},
+        {"Re.run.with.the.verbose.option.for.more.details.",
+                "\u6709\u5173\u8BE6\u7EC6\u4FE1\u606F, \u8BF7\u4F7F\u7528 -verbose \u9009\u9879\u91CD\u65B0\u8FD0\u884C\u3002"},
+        {"Re.run.with.the.verbose.and.certs.options.for.more.details.",
+                "\u6709\u5173\u8BE6\u7EC6\u4FE1\u606F, \u8BF7\u4F7F\u7528 -verbose \u548C -certs \u9009\u9879\u91CD\u65B0\u8FD0\u884C\u3002"},
+        {"The.signer.certificate.has.expired.",
+                "\u7B7E\u540D\u8005\u8BC1\u4E66\u5DF2\u8FC7\u671F\u3002"},
+        {"The.signer.certificate.will.expire.within.six.months.",
+                "\u7B7E\u540D\u8005\u8BC1\u4E66\u5C06\u5728\u516D\u4E2A\u6708\u5185\u8FC7\u671F\u3002"},
+        {"The.signer.certificate.is.not.yet.valid.",
+                "\u7B7E\u540D\u8005\u8BC1\u4E66\u4ECD\u65E0\u6548\u3002"},
+        {"The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
+                 "\u7531\u4E8E\u7B7E\u540D\u8005\u8BC1\u4E66\u7684 KeyUsage \u6269\u5C55\u800C\u65E0\u6CD5\u8FDB\u884C\u4EE3\u7801\u7B7E\u540D\u3002"},
+        {"The.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
+                 "\u7531\u4E8E\u7B7E\u540D\u8005\u8BC1\u4E66\u7684 ExtendedKeyUsage \u6269\u5C55\u800C\u65E0\u6CD5\u8FDB\u884C\u4EE3\u7801\u7B7E\u540D\u3002"},
+        {"The.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
+                 "\u7531\u4E8E\u7B7E\u540D\u8005\u8BC1\u4E66\u7684 NetscapeCertType \u6269\u5C55\u800C\u65E0\u6CD5\u8FDB\u884C\u4EE3\u7801\u7B7E\u540D\u3002"},
+        {"This.jar.contains.entries.whose.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
+                 "\u6B64 jar \u5305\u542B\u7531\u4E8E\u7B7E\u540D\u8005\u8BC1\u4E66\u7684 KeyUsage \u6269\u5C55\u800C\u65E0\u6CD5\u8FDB\u884C\u4EE3\u7801\u7B7E\u540D\u7684\u6761\u76EE\u3002"},
+        {"This.jar.contains.entries.whose.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
+                 "\u6B64 jar \u5305\u542B\u7531\u4E8E\u7B7E\u540D\u8005\u8BC1\u4E66\u7684 ExtendedKeyUsage \u6269\u5C55\u800C\u65E0\u6CD5\u8FDB\u884C\u4EE3\u7801\u7B7E\u540D\u7684\u6761\u76EE\u3002"},
+        {"This.jar.contains.entries.whose.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
+                 "\u6B64 jar \u5305\u542B\u7531\u4E8E\u7B7E\u540D\u8005\u8BC1\u4E66\u7684 NetscapeCertType \u6269\u5C55\u800C\u65E0\u6CD5\u8FDB\u884C\u4EE3\u7801\u7B7E\u540D\u7684\u6761\u76EE\u3002"},
+        {".{0}.extension.does.not.support.code.signing.",
+                 "[{0} \u6269\u5C55\u4E0D\u652F\u6301\u4EE3\u7801\u7B7E\u540D]"},
+        {"The.signer.s.certificate.chain.is.not.validated.",
+                "\u7B7E\u540D\u8005\u7684\u8BC1\u4E66\u94FE\u672A\u9A8C\u8BC1\u3002"},
+        {"This.jar.contains.entries.whose.certificate.chain.is.not.validated.",
+                 "\u6B64 jar \u5305\u542B\u8BC1\u4E66\u94FE\u672A\u9A8C\u8BC1\u7684\u6761\u76EE\u3002"},
+        {"Unknown.password.type.", "\u672A\u77E5\u53E3\u4EE4\u7C7B\u578B: "},
+        {"Cannot.find.environment.variable.",
+                "\u627E\u4E0D\u5230\u73AF\u5883\u53D8\u91CF: "},
+        {"Cannot.find.file.", "\u627E\u4E0D\u5230\u6587\u4EF6: "},
+        {"Command.option.flag.needs.an.argument.", "\u547D\u4EE4\u9009\u9879{0}\u9700\u8981\u4E00\u4E2A\u53C2\u6570\u3002"},
+    };
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,186 @@
+/*
+ * Copyright (c) 2007, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.jarsigner;
+
+import java.io.IOException;
+import java.net.URI;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import com.sun.jarsigner.*;
+import sun.security.pkcs.PKCS7;
+import sun.security.util.*;
+import sun.security.x509.*;
+
+/**
+ * This class implements a content signing service.
+ * It generates a timestamped signature for a given content according to
+ * <a href="http://www.ietf.org/rfc/rfc3161.txt">RFC 3161</a>.
+ * The signature along with a trusted timestamp and the signer's certificate
+ * are all packaged into a standard PKCS #7 Signed Data message.
+ *
+ * @author Vincent Ryan
+ */
+
+public final class TimestampedSigner extends ContentSigner {
+
+    /*
+     * Object identifier for the subject information access X.509 certificate
+     * extension.
+     */
+    private static final String SUBJECT_INFO_ACCESS_OID = "1.3.6.1.5.5.7.1.11";
+
+    /*
+     * Object identifier for the timestamping access descriptors.
+     */
+    private static final ObjectIdentifier AD_TIMESTAMPING_Id;
+    static {
+        ObjectIdentifier tmp = null;
+        try {
+            tmp = new ObjectIdentifier("1.3.6.1.5.5.7.48.3");
+        } catch (IOException e) {
+            // ignore
+        }
+        AD_TIMESTAMPING_Id = tmp;
+    }
+
+    /**
+     * Instantiates a content signer that supports timestamped signatures.
+     */
+    public TimestampedSigner() {
+    }
+
+    /**
+     * Generates a PKCS #7 signed data message that includes a signature
+     * timestamp.
+     * This method is used when a signature has already been generated.
+     * The signature, a signature timestamp, the signer's certificate chain,
+     * and optionally the content that was signed, are packaged into a PKCS #7
+     * signed data message.
+     *
+     * @param params The non-null input parameters.
+     * @param omitContent true if the content should be omitted from the
+     *        signed data message. Otherwise the content is included.
+     * @param applyTimestamp true if the signature should be timestamped.
+     *        Otherwise timestamping is not performed.
+     * @return A PKCS #7 signed data message including a signature timestamp.
+     * @throws NoSuchAlgorithmException The exception is thrown if the signature
+     *         algorithm is unrecognised.
+     * @throws CertificateException The exception is thrown if an error occurs
+     *         while processing the signer's certificate or the TSA's
+     *         certificate.
+     * @throws IOException The exception is thrown if an error occurs while
+     *         generating the signature timestamp or while generating the signed
+     *         data message.
+     * @throws NullPointerException The exception is thrown if parameters is
+     *         null.
+     */
+    public byte[] generateSignedData(ContentSignerParameters params,
+        boolean omitContent, boolean applyTimestamp)
+            throws NoSuchAlgorithmException, CertificateException, IOException {
+
+        if (params == null) {
+            throw new NullPointerException();
+        }
+
+        // Parse the signature algorithm to extract the digest
+        // algorithm. The expected format is:
+        //     "<digest>with<encryption>"
+        // or  "<digest>with<encryption>and<mgf>"
+        String signatureAlgorithm = params.getSignatureAlgorithm();
+
+        X509Certificate[] signerChain = params.getSignerCertificateChain();
+        byte[] signature = params.getSignature();
+
+        // Include or exclude content
+        byte[] content = (omitContent == true) ? null : params.getContent();
+
+        URI tsaURI = null;
+        if (applyTimestamp) {
+            tsaURI = params.getTimestampingAuthority();
+            if (tsaURI == null) {
+                // Examine TSA cert
+                tsaURI = getTimestampingURI(
+                    params.getTimestampingAuthorityCertificate());
+                if (tsaURI == null) {
+                    throw new CertificateException(
+                        "Subject Information Access extension not found");
+                }
+            }
+        }
+        return PKCS7.generateSignedData(signature, signerChain, content,
+                                        params.getSignatureAlgorithm(), tsaURI);
+    }
+
+    /**
+     * Examine the certificate for a Subject Information Access extension
+     * (<a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280</a>).
+     * The extension's <tt>accessMethod</tt> field should contain the object
+     * identifier defined for timestamping: 1.3.6.1.5.5.7.48.3 and its
+     * <tt>accessLocation</tt> field should contain an HTTP or HTTPS URL.
+     *
+     * @param tsaCertificate An X.509 certificate for the TSA.
+     * @return An HTTP or HTTPS URI or null if none was found.
+     */
+    public static URI getTimestampingURI(X509Certificate tsaCertificate) {
+
+        if (tsaCertificate == null) {
+            return null;
+        }
+        // Parse the extensions
+        try {
+            byte[] extensionValue =
+                tsaCertificate.getExtensionValue(SUBJECT_INFO_ACCESS_OID);
+            if (extensionValue == null) {
+                return null;
+            }
+            DerInputStream der = new DerInputStream(extensionValue);
+            der = new DerInputStream(der.getOctetString());
+            DerValue[] derValue = der.getSequence(5);
+            AccessDescription description;
+            GeneralName location;
+            URIName uri;
+            for (int i = 0; i < derValue.length; i++) {
+                description = new AccessDescription(derValue[i]);
+                if (description.getAccessMethod()
+                        .equals((Object)AD_TIMESTAMPING_Id)) {
+                    location = description.getAccessLocation();
+                    if (location.getType() == GeneralNameInterface.NAME_URI) {
+                        uri = (URIName) location.getName();
+                        if (uri.getScheme().equalsIgnoreCase("http") ||
+                                uri.getScheme().equalsIgnoreCase("https")) {
+                            return uri.getURI();
+                        }
+                    }
+                }
+            }
+        } catch (IOException ioe) {
+            // ignore
+        }
+        return null;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/CertAndKeyGen.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,328 @@
+/*
+ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+import java.io.IOException;
+import java.security.cert.X509Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateEncodingException;
+import java.security.*;
+import java.util.Date;
+
+import sun.security.pkcs10.PKCS10;
+import sun.security.x509.*;
+
+
+/**
+ * Generate a pair of keys, and provide access to them.  This class is
+ * provided primarily for ease of use.
+ *
+ * <P>This provides some simple certificate management functionality.
+ * Specifically, it allows you to create self-signed X.509 certificates
+ * as well as PKCS 10 based certificate signing requests.
+ *
+ * <P>Keys for some public key signature algorithms have algorithm
+ * parameters, such as DSS/DSA.  Some sites' Certificate Authorities
+ * adopt fixed algorithm parameters, which speeds up some operations
+ * including key generation and signing.  <em>At this time, this interface
+ * does not provide a way to provide such algorithm parameters, e.g.
+ * by providing the CA certificate which includes those parameters.</em>
+ *
+ * <P>Also, note that at this time only signature-capable keys may be
+ * acquired through this interface.  Diffie-Hellman keys, used for secure
+ * key exchange, may be supported later.
+ *
+ * @author David Brownell
+ * @author Hemma Prafullchandra
+ * @see PKCS10
+ * @see X509CertImpl
+ */
+public final class CertAndKeyGen {
+    /**
+     * Creates a CertAndKeyGen object for a particular key type
+     * and signature algorithm.
+     *
+     * @param keyType type of key, e.g. "RSA", "DSA"
+     * @param sigAlg name of the signature algorithm, e.g. "MD5WithRSA",
+     *          "MD2WithRSA", "SHAwithDSA".
+     * @exception NoSuchAlgorithmException on unrecognized algorithms.
+     */
+    public CertAndKeyGen (String keyType, String sigAlg)
+    throws NoSuchAlgorithmException
+    {
+        keyGen = KeyPairGenerator.getInstance(keyType);
+        this.sigAlg = sigAlg;
+    }
+
+    /**
+     * Creates a CertAndKeyGen object for a particular key type,
+     * signature algorithm, and provider.
+     *
+     * @param keyType type of key, e.g. "RSA", "DSA"
+     * @param sigAlg name of the signature algorithm, e.g. "MD5WithRSA",
+     *          "MD2WithRSA", "SHAwithDSA".
+     * @param providerName name of the provider
+     * @exception NoSuchAlgorithmException on unrecognized algorithms.
+     * @exception NoSuchProviderException on unrecognized providers.
+     */
+    public CertAndKeyGen (String keyType, String sigAlg, String providerName)
+    throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        if (providerName == null) {
+            keyGen = KeyPairGenerator.getInstance(keyType);
+        } else {
+            try {
+                keyGen = KeyPairGenerator.getInstance(keyType, providerName);
+            } catch (Exception e) {
+                // try first available provider instead
+                keyGen = KeyPairGenerator.getInstance(keyType);
+            }
+        }
+        this.sigAlg = sigAlg;
+    }
+
+    /**
+     * Sets the source of random numbers used when generating keys.
+     * If you do not provide one, a system default facility is used.
+     * You may wish to provide your own source of random numbers
+     * to get a reproducible sequence of keys and signatures, or
+     * because you may be able to take advantage of strong sources
+     * of randomness/entropy in your environment.
+     */
+    public void         setRandom (SecureRandom generator)
+    {
+        prng = generator;
+    }
+
+    // want "public void generate (X509Certificate)" ... inherit DSA/D-H param
+
+    /**
+     * Generates a random public/private key pair, with a given key
+     * size.  Different algorithms provide different degrees of security
+     * for the same key size, because of the "work factor" involved in
+     * brute force attacks.  As computers become faster, it becomes
+     * easier to perform such attacks.  Small keys are to be avoided.
+     *
+     * <P>Note that not all values of "keyBits" are valid for all
+     * algorithms, and not all public key algorithms are currently
+     * supported for use in X.509 certificates.  If the algorithm
+     * you specified does not produce X.509 compatible keys, an
+     * invalid key exception is thrown.
+     *
+     * @param keyBits the number of bits in the keys.
+     * @exception InvalidKeyException if the environment does not
+     *  provide X.509 public keys for this signature algorithm.
+     */
+    public void generate (int keyBits)
+    throws InvalidKeyException
+    {
+        KeyPair pair;
+
+        try {
+            if (prng == null) {
+                prng = new SecureRandom();
+            }
+            keyGen.initialize(keyBits, prng);
+            pair = keyGen.generateKeyPair();
+
+        } catch (Exception e) {
+            throw new IllegalArgumentException(e.getMessage());
+        }
+
+        publicKey = pair.getPublic();
+        privateKey = pair.getPrivate();
+
+        // publicKey's format must be X.509 otherwise
+        // the whole CertGen part of this class is broken.
+        if (!"X.509".equalsIgnoreCase(publicKey.getFormat())) {
+            throw new IllegalArgumentException("publicKey's is not X.509, but "
+                    + publicKey.getFormat());
+        }
+    }
+
+
+    /**
+     * Returns the public key of the generated key pair if it is of type
+     * <code>X509Key</code>, or null if the public key is of a different type.
+     *
+     * XXX Note: This behaviour is needed for backwards compatibility.
+     * What this method really should return is the public key of the
+     * generated key pair, regardless of whether or not it is an instance of
+     * <code>X509Key</code>. Accordingly, the return type of this method
+     * should be <code>PublicKey</code>.
+     */
+    public X509Key getPublicKey()
+    {
+        if (!(publicKey instanceof X509Key)) {
+            return null;
+        }
+        return (X509Key)publicKey;
+    }
+
+    /**
+     * Always returns the public key of the generated key pair. Used
+     * by KeyTool only.
+     *
+     * The publicKey is not necessarily to be an instance of
+     * X509Key in some JCA/JCE providers, for example SunPKCS11.
+     */
+    public PublicKey getPublicKeyAnyway() {
+        return publicKey;
+    }
+
+    /**
+     * Returns the private key of the generated key pair.
+     *
+     * <P><STRONG><em>Be extremely careful when handling private keys.
+     * When private keys are not kept secret, they lose their ability
+     * to securely authenticate specific entities ... that is a huge
+     * security risk!</em></STRONG>
+     */
+    public PrivateKey getPrivateKey ()
+    {
+        return privateKey;
+    }
+
+    /**
+     * Returns a self-signed X.509v3 certificate for the public key.
+     * The certificate is immediately valid. No extensions.
+     *
+     * <P>Such certificates normally are used to identify a "Certificate
+     * Authority" (CA).  Accordingly, they will not always be accepted by
+     * other parties.  However, such certificates are also useful when
+     * you are bootstrapping your security infrastructure, or deploying
+     * system prototypes.
+     *
+     * @param myname X.500 name of the subject (who is also the issuer)
+     * @param firstDate the issue time of the certificate
+     * @param validity how long the certificate should be valid, in seconds
+     * @exception CertificateException on certificate handling errors.
+     * @exception InvalidKeyException on key handling errors.
+     * @exception SignatureException on signature handling errors.
+     * @exception NoSuchAlgorithmException on unrecognized algorithms.
+     * @exception NoSuchProviderException on unrecognized providers.
+     */
+    public X509Certificate getSelfCertificate (
+            X500Name myname, Date firstDate, long validity)
+    throws CertificateException, InvalidKeyException, SignatureException,
+        NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return getSelfCertificate(myname, firstDate, validity, null);
+    }
+
+    // Like above, plus a CertificateExtensions argument, which can be null.
+    public X509Certificate getSelfCertificate (X500Name myname, Date firstDate,
+            long validity, CertificateExtensions ext)
+    throws CertificateException, InvalidKeyException, SignatureException,
+        NoSuchAlgorithmException, NoSuchProviderException
+    {
+        X509CertImpl    cert;
+        Date            lastDate;
+
+        try {
+            lastDate = new Date ();
+            lastDate.setTime (firstDate.getTime () + validity * 1000);
+
+            CertificateValidity interval =
+                                   new CertificateValidity(firstDate,lastDate);
+
+            X509CertInfo info = new X509CertInfo();
+            // Add all mandatory attributes
+            info.set(X509CertInfo.VERSION,
+                     new CertificateVersion(CertificateVersion.V3));
+            info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(
+                    new java.util.Random().nextInt() & 0x7fffffff));
+            AlgorithmId algID = AlgorithmId.get(sigAlg);
+            info.set(X509CertInfo.ALGORITHM_ID,
+                     new CertificateAlgorithmId(algID));
+            info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(myname));
+            info.set(X509CertInfo.KEY, new CertificateX509Key(publicKey));
+            info.set(X509CertInfo.VALIDITY, interval);
+            info.set(X509CertInfo.ISSUER, new CertificateIssuerName(myname));
+            if (ext != null) info.set(X509CertInfo.EXTENSIONS, ext);
+
+            cert = new X509CertImpl(info);
+            cert.sign(privateKey, this.sigAlg);
+
+            return (X509Certificate)cert;
+
+        } catch (IOException e) {
+             throw new CertificateEncodingException("getSelfCert: " +
+                                                    e.getMessage());
+        }
+    }
+
+    // Keep the old method
+    public X509Certificate getSelfCertificate (X500Name myname, long validity)
+    throws CertificateException, InvalidKeyException, SignatureException,
+        NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return getSelfCertificate(myname, new Date(), validity);
+    }
+
+    /**
+     * Returns a PKCS #10 certificate request.  The caller uses either
+     * <code>PKCS10.print</code> or <code>PKCS10.toByteArray</code>
+     * operations on the result, to get the request in an appropriate
+     * transmission format.
+     *
+     * <P>PKCS #10 certificate requests are sent, along with some proof
+     * of identity, to Certificate Authorities (CAs) which then issue
+     * X.509 public key certificates.
+     *
+     * @param myname X.500 name of the subject
+     * @exception InvalidKeyException on key handling errors.
+     * @exception SignatureException on signature handling errors.
+     */
+    public PKCS10 getCertRequest (X500Name myname)
+    throws InvalidKeyException, SignatureException
+    {
+        PKCS10  req = new PKCS10 (publicKey);
+
+        try {
+            Signature signature = Signature.getInstance(sigAlg);
+            signature.initSign (privateKey);
+            req.encodeAndSign(myname, signature);
+
+        } catch (CertificateException e) {
+            throw new SignatureException (sigAlg + " CertificateException");
+
+        } catch (IOException e) {
+            throw new SignatureException (sigAlg + " IOException");
+
+        } catch (NoSuchAlgorithmException e) {
+            // "can't happen"
+            throw new SignatureException (sigAlg + " unavailable?");
+        }
+        return req;
+    }
+
+    private SecureRandom        prng;
+    private String              sigAlg;
+    private KeyPairGenerator    keyGen;
+    private PublicKey           publicKey;
+    private PrivateKey          privateKey;
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Main.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,4080 @@
+/*
+ * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+import java.io.*;
+import java.security.CodeSigner;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.MessageDigest;
+import java.security.Key;
+import java.security.PublicKey;
+import java.security.PrivateKey;
+import java.security.Security;
+import java.security.Signature;
+import java.security.Timestamp;
+import java.security.UnrecoverableEntryException;
+import java.security.UnrecoverableKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.Principal;
+import java.security.Provider;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+import java.security.cert.CertStoreException;
+import java.security.cert.CRL;
+import java.security.cert.X509Certificate;
+import java.security.cert.CertificateException;
+import java.text.Collator;
+import java.text.MessageFormat;
+import java.util.*;
+import java.util.jar.JarEntry;
+import java.util.jar.JarFile;
+import java.lang.reflect.Constructor;
+import java.math.BigInteger;
+import java.net.URI;
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.security.cert.CertStore;
+
+import java.security.cert.X509CRL;
+import java.security.cert.X509CRLEntry;
+import java.security.cert.X509CRLSelector;
+import javax.security.auth.x500.X500Principal;
+import sun.misc.BASE64Encoder;
+import sun.security.util.ObjectIdentifier;
+import sun.security.pkcs10.PKCS10;
+import sun.security.pkcs10.PKCS10Attribute;
+import sun.security.provider.X509Factory;
+import sun.security.provider.certpath.CertStoreHelper;
+import sun.security.util.Password;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+
+import sun.misc.BASE64Decoder;
+import sun.security.pkcs.PKCS9Attribute;
+import sun.security.tools.KeyStoreUtil;
+import sun.security.tools.PathList;
+import sun.security.util.DerValue;
+import sun.security.x509.*;
+
+import static java.security.KeyStore.*;
+import static sun.security.tools.keytool.Main.Command.*;
+import static sun.security.tools.keytool.Main.Option.*;
+
+/**
+ * This tool manages keystores.
+ *
+ * @author Jan Luehe
+ *
+ *
+ * @see java.security.KeyStore
+ * @see sun.security.provider.KeyProtector
+ * @see sun.security.provider.JavaKeyStore
+ *
+ * @since 1.2
+ */
+public final class Main {
+
+    private boolean debug = false;
+    private Command command = null;
+    private String sigAlgName = null;
+    private String keyAlgName = null;
+    private boolean verbose = false;
+    private int keysize = -1;
+    private boolean rfc = false;
+    private long validity = (long)90;
+    private String alias = null;
+    private String dname = null;
+    private String dest = null;
+    private String filename = null;
+    private String infilename = null;
+    private String outfilename = null;
+    private String srcksfname = null;
+
+    // User-specified providers are added before any command is called.
+    // However, they are not removed before the end of the main() method.
+    // If you're calling KeyTool.main() directly in your own Java program,
+    // please programtically add any providers you need and do not specify
+    // them through the command line.
+
+    private Set<Pair <String, String>> providers = null;
+    private String storetype = null;
+    private String srcProviderName = null;
+    private String providerName = null;
+    private String pathlist = null;
+    private char[] storePass = null;
+    private char[] storePassNew = null;
+    private char[] keyPass = null;
+    private char[] keyPassNew = null;
+    private char[] newPass = null;
+    private char[] destKeyPass = null;
+    private char[] srckeyPass = null;
+    private String ksfname = null;
+    private File ksfile = null;
+    private InputStream ksStream = null; // keystore stream
+    private String sslserver = null;
+    private String jarfile = null;
+    private KeyStore keyStore = null;
+    private boolean token = false;
+    private boolean nullStream = false;
+    private boolean kssave = false;
+    private boolean noprompt = false;
+    private boolean trustcacerts = false;
+    private boolean protectedPath = false;
+    private boolean srcprotectedPath = false;
+    private CertificateFactory cf = null;
+    private KeyStore caks = null; // "cacerts" keystore
+    private char[] srcstorePass = null;
+    private String srcstoretype = null;
+    private Set<char[]> passwords = new HashSet<>();
+    private String startDate = null;
+
+    private List<String> ids = new ArrayList<>();   // used in GENCRL
+    private List<String> v3ext = new ArrayList<>();
+
+    enum Command {
+        CERTREQ("Generates.a.certificate.request",
+            ALIAS, SIGALG, FILEOUT, KEYPASS, KEYSTORE, DNAME,
+            STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
+            PROVIDERARG, PROVIDERPATH, V, PROTECTED),
+        CHANGEALIAS("Changes.an.entry.s.alias",
+            ALIAS, DESTALIAS, KEYPASS, KEYSTORE, STOREPASS,
+            STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
+            PROVIDERPATH, V, PROTECTED),
+        DELETE("Deletes.an.entry",
+            ALIAS, KEYSTORE, STOREPASS, STORETYPE,
+            PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
+            PROVIDERPATH, V, PROTECTED),
+        EXPORTCERT("Exports.certificate",
+            RFC, ALIAS, FILEOUT, KEYSTORE, STOREPASS,
+            STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
+            PROVIDERPATH, V, PROTECTED),
+        GENKEYPAIR("Generates.a.key.pair",
+            ALIAS, KEYALG, KEYSIZE, SIGALG, DESTALIAS, DNAME,
+            STARTDATE, EXT, VALIDITY, KEYPASS, KEYSTORE,
+            STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
+            PROVIDERARG, PROVIDERPATH, V, PROTECTED),
+        GENSECKEY("Generates.a.secret.key",
+            ALIAS, KEYPASS, KEYALG, KEYSIZE, KEYSTORE,
+            STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
+            PROVIDERARG, PROVIDERPATH, V, PROTECTED),
+        GENCERT("Generates.certificate.from.a.certificate.request",
+            RFC, INFILE, OUTFILE, ALIAS, SIGALG, DNAME,
+            STARTDATE, EXT, VALIDITY, KEYPASS, KEYSTORE,
+            STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
+            PROVIDERARG, PROVIDERPATH, V, PROTECTED),
+        IMPORTCERT("Imports.a.certificate.or.a.certificate.chain",
+            NOPROMPT, TRUSTCACERTS, PROTECTED, ALIAS, FILEIN,
+            KEYPASS, KEYSTORE, STOREPASS, STORETYPE,
+            PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
+            PROVIDERPATH, V),
+        IMPORTKEYSTORE("Imports.one.or.all.entries.from.another.keystore",
+            SRCKEYSTORE, DESTKEYSTORE, SRCSTORETYPE,
+            DESTSTORETYPE, SRCSTOREPASS, DESTSTOREPASS,
+            SRCPROTECTED, SRCPROVIDERNAME, DESTPROVIDERNAME,
+            SRCALIAS, DESTALIAS, SRCKEYPASS, DESTKEYPASS,
+            NOPROMPT, PROVIDERCLASS, PROVIDERARG, PROVIDERPATH,
+            V),
+        KEYPASSWD("Changes.the.key.password.of.an.entry",
+            ALIAS, KEYPASS, NEW, KEYSTORE, STOREPASS,
+            STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
+            PROVIDERPATH, V),
+        LIST("Lists.entries.in.a.keystore",
+            RFC, ALIAS, KEYSTORE, STOREPASS, STORETYPE,
+            PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
+            PROVIDERPATH, V, PROTECTED),
+        PRINTCERT("Prints.the.content.of.a.certificate",
+            RFC, FILEIN, SSLSERVER, JARFILE, V),
+        PRINTCERTREQ("Prints.the.content.of.a.certificate.request",
+            FILEIN, V),
+        PRINTCRL("Prints.the.content.of.a.CRL.file",
+            FILEIN, V),
+        STOREPASSWD("Changes.the.store.password.of.a.keystore",
+            NEW, KEYSTORE, STOREPASS, STORETYPE, PROVIDERNAME,
+            PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V),
+
+        // Undocumented start here, KEYCLONE is used a marker in -help;
+
+        KEYCLONE("Clones.a.key.entry",
+            ALIAS, DESTALIAS, KEYPASS, NEW, STORETYPE,
+            KEYSTORE, STOREPASS, PROVIDERNAME, PROVIDERCLASS,
+            PROVIDERARG, PROVIDERPATH, V),
+        SELFCERT("Generates.a.self.signed.certificate",
+            ALIAS, SIGALG, DNAME, STARTDATE, VALIDITY, KEYPASS,
+            STORETYPE, KEYSTORE, STOREPASS, PROVIDERNAME,
+            PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V),
+        GENCRL("Generates.CRL",
+            RFC, FILEOUT, ID,
+            ALIAS, SIGALG, EXT, KEYPASS, KEYSTORE,
+            STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
+            PROVIDERARG, PROVIDERPATH, V, PROTECTED),
+        IDENTITYDB("Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+            FILEIN, STORETYPE, KEYSTORE, STOREPASS, PROVIDERNAME,
+            PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V);
+
+        final String description;
+        final Option[] options;
+        Command(String d, Option... o) {
+            description = d;
+            options = o;
+        }
+        @Override
+        public String toString() {
+            return "-" + name().toLowerCase(Locale.ENGLISH);
+        }
+    };
+
+    enum Option {
+        ALIAS("alias", "<alias>", "alias.name.of.the.entry.to.process"),
+        DESTALIAS("destalias", "<destalias>", "destination.alias"),
+        DESTKEYPASS("destkeypass", "<arg>", "destination.key.password"),
+        DESTKEYSTORE("destkeystore", "<destkeystore>", "destination.keystore.name"),
+        DESTPROTECTED("destprotected", null, "destination.keystore.password.protected"),
+        DESTPROVIDERNAME("destprovidername", "<destprovidername>", "destination.keystore.provider.name"),
+        DESTSTOREPASS("deststorepass", "<arg>", "destination.keystore.password"),
+        DESTSTORETYPE("deststoretype", "<deststoretype>", "destination.keystore.type"),
+        DNAME("dname", "<dname>", "distinguished.name"),
+        EXT("ext", "<value>", "X.509.extension"),
+        FILEOUT("file", "<filename>", "output.file.name"),
+        FILEIN("file", "<filename>", "input.file.name"),
+        ID("id", "<id:reason>", "Serial.ID.of.cert.to.revoke"),
+        INFILE("infile", "<filename>", "input.file.name"),
+        KEYALG("keyalg", "<keyalg>", "key.algorithm.name"),
+        KEYPASS("keypass", "<arg>", "key.password"),
+        KEYSIZE("keysize", "<keysize>", "key.bit.size"),
+        KEYSTORE("keystore", "<keystore>", "keystore.name"),
+        NEW("new", "<arg>", "new.password"),
+        NOPROMPT("noprompt", null, "do.not.prompt"),
+        OUTFILE("outfile", "<filename>", "output.file.name"),
+        PROTECTED("protected", null, "password.through.protected.mechanism"),
+        PROVIDERARG("providerarg", "<arg>", "provider.argument"),
+        PROVIDERCLASS("providerclass", "<providerclass>", "provider.class.name"),
+        PROVIDERNAME("providername", "<providername>", "provider.name"),
+        PROVIDERPATH("providerpath", "<pathlist>", "provider.classpath"),
+        RFC("rfc", null, "output.in.RFC.style"),
+        SIGALG("sigalg", "<sigalg>", "signature.algorithm.name"),
+        SRCALIAS("srcalias", "<srcalias>", "source.alias"),
+        SRCKEYPASS("srckeypass", "<arg>", "source.key.password"),
+        SRCKEYSTORE("srckeystore", "<srckeystore>", "source.keystore.name"),
+        SRCPROTECTED("srcprotected", null, "source.keystore.password.protected"),
+        SRCPROVIDERNAME("srcprovidername", "<srcprovidername>", "source.keystore.provider.name"),
+        SRCSTOREPASS("srcstorepass", "<arg>", "source.keystore.password"),
+        SRCSTORETYPE("srcstoretype", "<srcstoretype>", "source.keystore.type"),
+        SSLSERVER("sslserver", "<server[:port]>", "SSL.server.host.and.port"),
+        JARFILE("jarfile", "<filename>", "signed.jar.file"),
+        STARTDATE("startdate", "<startdate>", "certificate.validity.start.date.time"),
+        STOREPASS("storepass", "<arg>", "keystore.password"),
+        STORETYPE("storetype", "<storetype>", "keystore.type"),
+        TRUSTCACERTS("trustcacerts", null, "trust.certificates.from.cacerts"),
+        V("v", null, "verbose.output"),
+        VALIDITY("validity", "<valDays>", "validity.number.of.days");
+
+        final String name, arg, description;
+        Option(String name, String arg, String description) {
+            this.name = name;
+            this.arg = arg;
+            this.description = description;
+        }
+        @Override
+        public String toString() {
+            return "-" + name;
+        }
+    };
+
+    private static final Class[] PARAM_STRING = { String.class };
+
+    private static final String NONE = "NONE";
+    private static final String P11KEYSTORE = "PKCS11";
+    private static final String P12KEYSTORE = "PKCS12";
+    private final String keyAlias = "mykey";
+
+    // for i18n
+    private static final java.util.ResourceBundle rb =
+        java.util.ResourceBundle.getBundle(
+            "sun.security.tools.keytool.Resources");
+    private static final Collator collator = Collator.getInstance();
+    static {
+        // this is for case insensitive string comparisons
+        collator.setStrength(Collator.PRIMARY);
+    };
+
+    private Main() { }
+
+    public static void main(String[] args) throws Exception {
+        Main kt = new Main();
+        kt.run(args, System.out);
+    }
+
+    private void run(String[] args, PrintStream out) throws Exception {
+        try {
+            parseArgs(args);
+            if (command != null) {
+                doCommands(out);
+            }
+        } catch (Exception e) {
+            System.out.println(rb.getString("keytool.error.") + e);
+            if (verbose) {
+                e.printStackTrace(System.out);
+            }
+            if (!debug) {
+                System.exit(1);
+            } else {
+                throw e;
+            }
+        } finally {
+            for (char[] pass : passwords) {
+                if (pass != null) {
+                    Arrays.fill(pass, ' ');
+                    pass = null;
+                }
+            }
+
+            if (ksStream != null) {
+                ksStream.close();
+            }
+        }
+    }
+
+    /**
+     * Parse command line arguments.
+     */
+    void parseArgs(String[] args) {
+
+        int i=0;
+        boolean help = args.length == 0;
+
+        for (i=0; (i < args.length) && args[i].startsWith("-"); i++) {
+
+            String flags = args[i];
+
+            // Check if the last option needs an arg
+            if (i == args.length - 1) {
+                for (Option option: Option.values()) {
+                    // Only options with an arg need to be checked
+                    if (collator.compare(flags, option.toString()) == 0) {
+                        if (option.arg != null) errorNeedArgument(flags);
+                        break;
+                    }
+                }
+            }
+
+            /*
+             * Check modifiers
+             */
+            String modifier = null;
+            int pos = flags.indexOf(':');
+            if (pos > 0) {
+                modifier = flags.substring(pos+1);
+                flags = flags.substring(0, pos);
+            }
+            /*
+             * command modes
+             */
+            boolean isCommand = false;
+            for (Command c: Command.values()) {
+                if (collator.compare(flags, c.toString()) == 0) {
+                    command = c;
+                    isCommand = true;
+                    break;
+                }
+            }
+
+            if (isCommand) {
+                // already recognized as a command
+            } else if (collator.compare(flags, "-export") == 0) {
+                command = EXPORTCERT;
+            } else if (collator.compare(flags, "-genkey") == 0) {
+                command = GENKEYPAIR;
+            } else if (collator.compare(flags, "-import") == 0) {
+                command = IMPORTCERT;
+            }
+            /*
+             * Help
+             */
+            else if (collator.compare(flags, "-help") == 0) {
+                help = true;
+            }
+
+            /*
+             * specifiers
+             */
+            else if (collator.compare(flags, "-keystore") == 0 ||
+                    collator.compare(flags, "-destkeystore") == 0) {
+                ksfname = args[++i];
+            } else if (collator.compare(flags, "-storepass") == 0 ||
+                    collator.compare(flags, "-deststorepass") == 0) {
+                storePass = getPass(modifier, args[++i]);
+                passwords.add(storePass);
+            } else if (collator.compare(flags, "-storetype") == 0 ||
+                    collator.compare(flags, "-deststoretype") == 0) {
+                storetype = args[++i];
+            } else if (collator.compare(flags, "-srcstorepass") == 0) {
+                srcstorePass = getPass(modifier, args[++i]);
+                passwords.add(srcstorePass);
+            } else if (collator.compare(flags, "-srcstoretype") == 0) {
+                srcstoretype = args[++i];
+            } else if (collator.compare(flags, "-srckeypass") == 0) {
+                srckeyPass = getPass(modifier, args[++i]);
+                passwords.add(srckeyPass);
+            } else if (collator.compare(flags, "-srcprovidername") == 0) {
+                srcProviderName = args[++i];
+            } else if (collator.compare(flags, "-providername") == 0 ||
+                    collator.compare(flags, "-destprovidername") == 0) {
+                providerName = args[++i];
+            } else if (collator.compare(flags, "-providerpath") == 0) {
+                pathlist = args[++i];
+            } else if (collator.compare(flags, "-keypass") == 0) {
+                keyPass = getPass(modifier, args[++i]);
+                passwords.add(keyPass);
+            } else if (collator.compare(flags, "-new") == 0) {
+                newPass = getPass(modifier, args[++i]);
+                passwords.add(newPass);
+            } else if (collator.compare(flags, "-destkeypass") == 0) {
+                destKeyPass = getPass(modifier, args[++i]);
+                passwords.add(destKeyPass);
+            } else if (collator.compare(flags, "-alias") == 0 ||
+                    collator.compare(flags, "-srcalias") == 0) {
+                alias = args[++i];
+            } else if (collator.compare(flags, "-dest") == 0 ||
+                    collator.compare(flags, "-destalias") == 0) {
+                dest = args[++i];
+            } else if (collator.compare(flags, "-dname") == 0) {
+                dname = args[++i];
+            } else if (collator.compare(flags, "-keysize") == 0) {
+                keysize = Integer.parseInt(args[++i]);
+            } else if (collator.compare(flags, "-keyalg") == 0) {
+                keyAlgName = args[++i];
+            } else if (collator.compare(flags, "-sigalg") == 0) {
+                sigAlgName = args[++i];
+            } else if (collator.compare(flags, "-startdate") == 0) {
+                startDate = args[++i];
+            } else if (collator.compare(flags, "-validity") == 0) {
+                validity = Long.parseLong(args[++i]);
+            } else if (collator.compare(flags, "-ext") == 0) {
+                v3ext.add(args[++i]);
+            } else if (collator.compare(flags, "-id") == 0) {
+                ids.add(args[++i]);
+            } else if (collator.compare(flags, "-file") == 0) {
+                filename = args[++i];
+            } else if (collator.compare(flags, "-infile") == 0) {
+                infilename = args[++i];
+            } else if (collator.compare(flags, "-outfile") == 0) {
+                outfilename = args[++i];
+            } else if (collator.compare(flags, "-sslserver") == 0) {
+                sslserver = args[++i];
+            } else if (collator.compare(flags, "-jarfile") == 0) {
+                jarfile = args[++i];
+            } else if (collator.compare(flags, "-srckeystore") == 0) {
+                srcksfname = args[++i];
+            } else if ((collator.compare(flags, "-provider") == 0) ||
+                        (collator.compare(flags, "-providerclass") == 0)) {
+                if (providers == null) {
+                    providers = new HashSet<Pair <String, String>> (3);
+                }
+                String providerClass = args[++i];
+                String providerArg = null;
+
+                if (args.length > (i+1)) {
+                    flags = args[i+1];
+                    if (collator.compare(flags, "-providerarg") == 0) {
+                        if (args.length == (i+2)) errorNeedArgument(flags);
+                        providerArg = args[i+2];
+                        i += 2;
+                    }
+                }
+                providers.add(
+                        Pair.of(providerClass, providerArg));
+            }
+
+            /*
+             * options
+             */
+            else if (collator.compare(flags, "-v") == 0) {
+                verbose = true;
+            } else if (collator.compare(flags, "-debug") == 0) {
+                debug = true;
+            } else if (collator.compare(flags, "-rfc") == 0) {
+                rfc = true;
+            } else if (collator.compare(flags, "-noprompt") == 0) {
+                noprompt = true;
+            } else if (collator.compare(flags, "-trustcacerts") == 0) {
+                trustcacerts = true;
+            } else if (collator.compare(flags, "-protected") == 0 ||
+                    collator.compare(flags, "-destprotected") == 0) {
+                protectedPath = true;
+            } else if (collator.compare(flags, "-srcprotected") == 0) {
+                srcprotectedPath = true;
+            } else  {
+                System.err.println(rb.getString("Illegal.option.") + flags);
+                tinyHelp();
+            }
+        }
+
+        if (i<args.length) {
+            System.err.println(rb.getString("Illegal.option.") + args[i]);
+            tinyHelp();
+        }
+
+        if (command == null) {
+            if (help) {
+                usage();
+            } else {
+                System.err.println(rb.getString("Usage.error.no.command.provided"));
+                tinyHelp();
+            }
+        } else if (help) {
+            usage();
+            command = null;
+        }
+    }
+
+    boolean isKeyStoreRelated(Command cmd) {
+        return cmd != PRINTCERT && cmd != PRINTCERTREQ;
+    }
+
+    /**
+     * Execute the commands.
+     */
+    void doCommands(PrintStream out) throws Exception {
+
+        if (storetype == null) {
+            storetype = KeyStore.getDefaultType();
+        }
+        storetype = KeyStoreUtil.niceStoreTypeName(storetype);
+
+        if (srcstoretype == null) {
+            srcstoretype = KeyStore.getDefaultType();
+        }
+        srcstoretype = KeyStoreUtil.niceStoreTypeName(srcstoretype);
+
+        if (P11KEYSTORE.equalsIgnoreCase(storetype) ||
+                KeyStoreUtil.isWindowsKeyStore(storetype)) {
+            token = true;
+            if (ksfname == null) {
+                ksfname = NONE;
+            }
+        }
+        if (NONE.equals(ksfname)) {
+            nullStream = true;
+        }
+
+        if (token && !nullStream) {
+            System.err.println(MessageFormat.format(rb.getString
+                (".keystore.must.be.NONE.if.storetype.is.{0}"), storetype));
+            System.err.println();
+            tinyHelp();
+        }
+
+        if (token &&
+            (command == KEYPASSWD || command == STOREPASSWD)) {
+            throw new UnsupportedOperationException(MessageFormat.format(rb.getString
+                        (".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}"), storetype));
+        }
+
+        if (P12KEYSTORE.equalsIgnoreCase(storetype) && command == KEYPASSWD) {
+            throw new UnsupportedOperationException(rb.getString
+                        (".keypasswd.commands.not.supported.if.storetype.is.PKCS12"));
+        }
+
+        if (token && (keyPass != null || newPass != null || destKeyPass != null)) {
+            throw new IllegalArgumentException(MessageFormat.format(rb.getString
+                (".keypass.and.new.can.not.be.specified.if.storetype.is.{0}"), storetype));
+        }
+
+        if (protectedPath) {
+            if (storePass != null || keyPass != null ||
+                    newPass != null || destKeyPass != null) {
+                throw new IllegalArgumentException(rb.getString
+                        ("if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified"));
+            }
+        }
+
+        if (srcprotectedPath) {
+            if (srcstorePass != null || srckeyPass != null) {
+                throw new IllegalArgumentException(rb.getString
+                        ("if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified"));
+            }
+        }
+
+        if (KeyStoreUtil.isWindowsKeyStore(storetype)) {
+            if (storePass != null || keyPass != null ||
+                    newPass != null || destKeyPass != null) {
+                throw new IllegalArgumentException(rb.getString
+                        ("if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified"));
+            }
+        }
+
+        if (KeyStoreUtil.isWindowsKeyStore(srcstoretype)) {
+            if (srcstorePass != null || srckeyPass != null) {
+                throw new IllegalArgumentException(rb.getString
+                        ("if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified"));
+            }
+        }
+
+        if (validity <= (long)0) {
+            throw new Exception
+                (rb.getString("Validity.must.be.greater.than.zero"));
+        }
+
+        // Try to load and install specified provider
+        if (providers != null) {
+            ClassLoader cl = null;
+            if (pathlist != null) {
+                String path = null;
+                path = PathList.appendPath(
+                        path, System.getProperty("java.class.path"));
+                path = PathList.appendPath(
+                        path, System.getProperty("env.class.path"));
+                path = PathList.appendPath(path, pathlist);
+
+                URL[] urls = PathList.pathToURLs(path);
+                cl = new URLClassLoader(urls);
+            } else {
+                cl = ClassLoader.getSystemClassLoader();
+            }
+
+            for (Pair <String, String> provider: providers) {
+                String provName = provider.fst;
+                Class<?> provClass;
+                if (cl != null) {
+                    provClass = cl.loadClass(provName);
+                } else {
+                    provClass = Class.forName(provName);
+                }
+
+                String provArg = provider.snd;
+                Object obj;
+                if (provArg == null) {
+                    obj = provClass.newInstance();
+                } else {
+                    Constructor<?> c = provClass.getConstructor(PARAM_STRING);
+                    obj = c.newInstance(provArg);
+                }
+                if (!(obj instanceof Provider)) {
+                    MessageFormat form = new MessageFormat
+                        (rb.getString("provName.not.a.provider"));
+                    Object[] source = {provName};
+                    throw new Exception(form.format(source));
+                }
+                Security.addProvider((Provider)obj);
+            }
+        }
+
+        if (command == LIST && verbose && rfc) {
+            System.err.println(rb.getString
+                ("Must.not.specify.both.v.and.rfc.with.list.command"));
+            tinyHelp();
+        }
+
+        // Make sure provided passwords are at least 6 characters long
+        if (command == GENKEYPAIR && keyPass!=null && keyPass.length < 6) {
+            throw new Exception(rb.getString
+                ("Key.password.must.be.at.least.6.characters"));
+        }
+        if (newPass != null && newPass.length < 6) {
+            throw new Exception(rb.getString
+                ("New.password.must.be.at.least.6.characters"));
+        }
+        if (destKeyPass != null && destKeyPass.length < 6) {
+            throw new Exception(rb.getString
+                ("New.password.must.be.at.least.6.characters"));
+        }
+
+        // Check if keystore exists.
+        // If no keystore has been specified at the command line, try to use
+        // the default, which is located in $HOME/.keystore.
+        // If the command is "genkey", "identitydb", "import", or "printcert",
+        // it is OK not to have a keystore.
+        if (isKeyStoreRelated(command)) {
+            if (ksfname == null) {
+                ksfname = System.getProperty("user.home") + File.separator
+                    + ".keystore";
+            }
+
+            if (!nullStream) {
+                try {
+                    ksfile = new File(ksfname);
+                    // Check if keystore file is empty
+                    if (ksfile.exists() && ksfile.length() == 0) {
+                        throw new Exception(rb.getString
+                        ("Keystore.file.exists.but.is.empty.") + ksfname);
+                    }
+                    ksStream = new FileInputStream(ksfile);
+                } catch (FileNotFoundException e) {
+                    if (command != GENKEYPAIR &&
+                        command != GENSECKEY &&
+                        command != IDENTITYDB &&
+                        command != IMPORTCERT &&
+                        command != IMPORTKEYSTORE &&
+                        command != PRINTCRL) {
+                        throw new Exception(rb.getString
+                                ("Keystore.file.does.not.exist.") + ksfname);
+                    }
+                }
+            }
+        }
+
+        if ((command == KEYCLONE || command == CHANGEALIAS)
+                && dest == null) {
+            dest = getAlias("destination");
+            if ("".equals(dest)) {
+                throw new Exception(rb.getString
+                        ("Must.specify.destination.alias"));
+            }
+        }
+
+        if (command == DELETE && alias == null) {
+            alias = getAlias(null);
+            if ("".equals(alias)) {
+                throw new Exception(rb.getString("Must.specify.alias"));
+            }
+        }
+
+        // Create new keystore
+        if (providerName == null) {
+            keyStore = KeyStore.getInstance(storetype);
+        } else {
+            keyStore = KeyStore.getInstance(storetype, providerName);
+        }
+
+        /*
+         * Load the keystore data.
+         *
+         * At this point, it's OK if no keystore password has been provided.
+         * We want to make sure that we can load the keystore data, i.e.,
+         * the keystore data has the right format. If we cannot load the
+         * keystore, why bother asking the user for his or her password?
+         * Only if we were able to load the keystore, and no keystore
+         * password has been provided, will we prompt the user for the
+         * keystore password to verify the keystore integrity.
+         * This means that the keystore is loaded twice: first load operation
+         * checks the keystore format, second load operation verifies the
+         * keystore integrity.
+         *
+         * If the keystore password has already been provided (at the
+         * command line), however, the keystore is loaded only once, and the
+         * keystore format and integrity are checked "at the same time".
+         *
+         * Null stream keystores are loaded later.
+         */
+        if (!nullStream) {
+            keyStore.load(ksStream, storePass);
+            if (ksStream != null) {
+                ksStream.close();
+            }
+        }
+
+        // All commands that create or modify the keystore require a keystore
+        // password.
+
+        if (nullStream && storePass != null) {
+            keyStore.load(null, storePass);
+        } else if (!nullStream && storePass != null) {
+            // If we are creating a new non nullStream-based keystore,
+            // insist that the password be at least 6 characters
+            if (ksStream == null && storePass.length < 6) {
+                throw new Exception(rb.getString
+                        ("Keystore.password.must.be.at.least.6.characters"));
+            }
+        } else if (storePass == null) {
+
+            // only prompt if (protectedPath == false)
+
+            if (!protectedPath && !KeyStoreUtil.isWindowsKeyStore(storetype) &&
+                (command == CERTREQ ||
+                        command == DELETE ||
+                        command == GENKEYPAIR ||
+                        command == GENSECKEY ||
+                        command == IMPORTCERT ||
+                        command == IMPORTKEYSTORE ||
+                        command == KEYCLONE ||
+                        command == CHANGEALIAS ||
+                        command == SELFCERT ||
+                        command == STOREPASSWD ||
+                        command == KEYPASSWD ||
+                        command == IDENTITYDB)) {
+                int count = 0;
+                do {
+                    if (command == IMPORTKEYSTORE) {
+                        System.err.print
+                                (rb.getString("Enter.destination.keystore.password."));
+                    } else {
+                        System.err.print
+                                (rb.getString("Enter.keystore.password."));
+                    }
+                    System.err.flush();
+                    storePass = Password.readPassword(System.in);
+                    passwords.add(storePass);
+
+                    // If we are creating a new non nullStream-based keystore,
+                    // insist that the password be at least 6 characters
+                    if (!nullStream && (storePass == null || storePass.length < 6)) {
+                        System.err.println(rb.getString
+                                ("Keystore.password.is.too.short.must.be.at.least.6.characters"));
+                        storePass = null;
+                    }
+
+                    // If the keystore file does not exist and needs to be
+                    // created, the storepass should be prompted twice.
+                    if (storePass != null && !nullStream && ksStream == null) {
+                        System.err.print(rb.getString("Re.enter.new.password."));
+                        char[] storePassAgain = Password.readPassword(System.in);
+                        passwords.add(storePassAgain);
+                        if (!Arrays.equals(storePass, storePassAgain)) {
+                            System.err.println
+                                (rb.getString("They.don.t.match.Try.again"));
+                            storePass = null;
+                        }
+                    }
+
+                    count++;
+                } while ((storePass == null) && count < 3);
+
+
+                if (storePass == null) {
+                    System.err.println
+                        (rb.getString("Too.many.failures.try.later"));
+                    return;
+                }
+            } else if (!protectedPath
+                    && !KeyStoreUtil.isWindowsKeyStore(storetype)
+                    && isKeyStoreRelated(command)) {
+                // here we have EXPORTCERT and LIST (info valid until STOREPASSWD)
+                if (command != PRINTCRL) {
+                    System.err.print(rb.getString("Enter.keystore.password."));
+                    System.err.flush();
+                    storePass = Password.readPassword(System.in);
+                    passwords.add(storePass);
+                }
+            }
+
+            // Now load a nullStream-based keystore,
+            // or verify the integrity of an input stream-based keystore
+            if (nullStream) {
+                keyStore.load(null, storePass);
+            } else if (ksStream != null) {
+                ksStream = new FileInputStream(ksfile);
+                keyStore.load(ksStream, storePass);
+                ksStream.close();
+            }
+        }
+
+        if (storePass != null && P12KEYSTORE.equalsIgnoreCase(storetype)) {
+            MessageFormat form = new MessageFormat(rb.getString(
+                "Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value."));
+            if (keyPass != null && !Arrays.equals(storePass, keyPass)) {
+                Object[] source = {"-keypass"};
+                System.err.println(form.format(source));
+                keyPass = storePass;
+            }
+            if (newPass != null && !Arrays.equals(storePass, newPass)) {
+                Object[] source = {"-new"};
+                System.err.println(form.format(source));
+                newPass = storePass;
+            }
+            if (destKeyPass != null && !Arrays.equals(storePass, destKeyPass)) {
+                Object[] source = {"-destkeypass"};
+                System.err.println(form.format(source));
+                destKeyPass = storePass;
+            }
+        }
+
+        // Create a certificate factory
+        if (command == PRINTCERT || command == IMPORTCERT
+                || command == IDENTITYDB || command == PRINTCRL) {
+            cf = CertificateFactory.getInstance("X509");
+        }
+
+        if (trustcacerts) {
+            caks = KeyStoreUtil.getCacertsKeyStore();
+        }
+
+        // Perform the specified command
+        if (command == CERTREQ) {
+            if (filename != null) {
+                try (PrintStream ps = new PrintStream(new FileOutputStream
+                                                      (filename))) {
+                    doCertReq(alias, sigAlgName, ps);
+                }
+            } else {
+                doCertReq(alias, sigAlgName, out);
+            }
+            if (verbose && filename != null) {
+                MessageFormat form = new MessageFormat(rb.getString
+                        ("Certification.request.stored.in.file.filename."));
+                Object[] source = {filename};
+                System.err.println(form.format(source));
+                System.err.println(rb.getString("Submit.this.to.your.CA"));
+            }
+        } else if (command == DELETE) {
+            doDeleteEntry(alias);
+            kssave = true;
+        } else if (command == EXPORTCERT) {
+            if (filename != null) {
+                try (PrintStream ps = new PrintStream(new FileOutputStream
+                                                   (filename))) {
+                    doExportCert(alias, ps);
+                }
+            } else {
+                doExportCert(alias, out);
+            }
+            if (filename != null) {
+                MessageFormat form = new MessageFormat(rb.getString
+                        ("Certificate.stored.in.file.filename."));
+                Object[] source = {filename};
+                System.err.println(form.format(source));
+            }
+        } else if (command == GENKEYPAIR) {
+            if (keyAlgName == null) {
+                keyAlgName = "DSA";
+            }
+            doGenKeyPair(alias, dname, keyAlgName, keysize, sigAlgName);
+            kssave = true;
+        } else if (command == GENSECKEY) {
+            if (keyAlgName == null) {
+                keyAlgName = "DES";
+            }
+            doGenSecretKey(alias, keyAlgName, keysize);
+            kssave = true;
+        } else if (command == IDENTITYDB) {
+            if (filename != null) {
+                try (InputStream inStream = new FileInputStream(filename)) {
+                    doImportIdentityDatabase(inStream);
+                }
+            } else {
+                doImportIdentityDatabase(System.in);
+            }
+        } else if (command == IMPORTCERT) {
+            InputStream inStream = System.in;
+            if (filename != null) {
+                inStream = new FileInputStream(filename);
+            }
+            String importAlias = (alias!=null)?alias:keyAlias;
+            try {
+                if (keyStore.entryInstanceOf(
+                        importAlias, KeyStore.PrivateKeyEntry.class)) {
+                    kssave = installReply(importAlias, inStream);
+                    if (kssave) {
+                        System.err.println(rb.getString
+                            ("Certificate.reply.was.installed.in.keystore"));
+                    } else {
+                        System.err.println(rb.getString
+                            ("Certificate.reply.was.not.installed.in.keystore"));
+                    }
+                } else if (!keyStore.containsAlias(importAlias) ||
+                        keyStore.entryInstanceOf(importAlias,
+                            KeyStore.TrustedCertificateEntry.class)) {
+                    kssave = addTrustedCert(importAlias, inStream);
+                    if (kssave) {
+                        System.err.println(rb.getString
+                            ("Certificate.was.added.to.keystore"));
+                    } else {
+                        System.err.println(rb.getString
+                            ("Certificate.was.not.added.to.keystore"));
+                    }
+                }
+            } finally {
+                if (inStream != System.in) {
+                    inStream.close();
+                }
+            }
+        } else if (command == IMPORTKEYSTORE) {
+            doImportKeyStore();
+            kssave = true;
+        } else if (command == KEYCLONE) {
+            keyPassNew = newPass;
+
+            // added to make sure only key can go thru
+            if (alias == null) {
+                alias = keyAlias;
+            }
+            if (keyStore.containsAlias(alias) == false) {
+                MessageFormat form = new MessageFormat
+                    (rb.getString("Alias.alias.does.not.exist"));
+                Object[] source = {alias};
+                throw new Exception(form.format(source));
+            }
+            if (!keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
+                MessageFormat form = new MessageFormat(rb.getString(
+                        "Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key"));
+                Object[] source = {alias};
+                throw new Exception(form.format(source));
+            }
+
+            doCloneEntry(alias, dest, true);  // Now everything can be cloned
+            kssave = true;
+        } else if (command == CHANGEALIAS) {
+            if (alias == null) {
+                alias = keyAlias;
+            }
+            doCloneEntry(alias, dest, false);
+            // in PKCS11, clone a PrivateKeyEntry will delete the old one
+            if (keyStore.containsAlias(alias)) {
+                doDeleteEntry(alias);
+            }
+            kssave = true;
+        } else if (command == KEYPASSWD) {
+            keyPassNew = newPass;
+            doChangeKeyPasswd(alias);
+            kssave = true;
+        } else if (command == LIST) {
+            if (alias != null) {
+                doPrintEntry(alias, out, true);
+            } else {
+                doPrintEntries(out);
+            }
+        } else if (command == PRINTCERT) {
+            doPrintCert(out);
+        } else if (command == SELFCERT) {
+            doSelfCert(alias, dname, sigAlgName);
+            kssave = true;
+        } else if (command == STOREPASSWD) {
+            storePassNew = newPass;
+            if (storePassNew == null) {
+                storePassNew = getNewPasswd("keystore password", storePass);
+            }
+            kssave = true;
+        } else if (command == GENCERT) {
+            if (alias == null) {
+                alias = keyAlias;
+            }
+            InputStream inStream = System.in;
+            if (infilename != null) {
+                inStream = new FileInputStream(infilename);
+            }
+            PrintStream ps = null;
+            if (outfilename != null) {
+                ps = new PrintStream(new FileOutputStream(outfilename));
+                out = ps;
+            }
+            try {
+                doGenCert(alias, sigAlgName, inStream, out);
+            } finally {
+                if (inStream != System.in) {
+                    inStream.close();
+                }
+                if (ps != null) {
+                    ps.close();
+                }
+            }
+        } else if (command == GENCRL) {
+            if (alias == null) {
+                alias = keyAlias;
+            }
+            if (filename != null) {
+                try (PrintStream ps =
+                         new PrintStream(new FileOutputStream(filename))) {
+                    doGenCRL(ps);
+                }
+            } else {
+                doGenCRL(out);
+            }
+        } else if (command == PRINTCERTREQ) {
+            if (filename != null) {
+                try (InputStream inStream = new FileInputStream(filename)) {
+                    doPrintCertReq(inStream, out);
+                }
+            } else {
+                doPrintCertReq(System.in, out);
+            }
+        } else if (command == PRINTCRL) {
+            doPrintCRL(filename, out);
+        }
+
+        // If we need to save the keystore, do so.
+        if (kssave) {
+            if (verbose) {
+                MessageFormat form = new MessageFormat
+                        (rb.getString(".Storing.ksfname."));
+                Object[] source = {nullStream ? "keystore" : ksfname};
+                System.err.println(form.format(source));
+            }
+
+            if (token) {
+                keyStore.store(null, null);
+            } else {
+                char[] pass = (storePassNew!=null) ? storePassNew : storePass;
+                if (nullStream) {
+                    keyStore.store(null, pass);
+                } else {
+                    ByteArrayOutputStream bout = new ByteArrayOutputStream();
+                    keyStore.store(bout, pass);
+                    try (FileOutputStream fout = new FileOutputStream(ksfname)) {
+                        fout.write(bout.toByteArray());
+                    }
+                }
+            }
+        }
+    }
+
+    /**
+     * Generate a certificate: Read PKCS10 request from in, and print
+     * certificate to out. Use alias as CA, sigAlgName as the signature
+     * type.
+     */
+    private void doGenCert(String alias, String sigAlgName, InputStream in, PrintStream out)
+            throws Exception {
+
+
+        Certificate signerCert = keyStore.getCertificate(alias);
+        byte[] encoded = signerCert.getEncoded();
+        X509CertImpl signerCertImpl = new X509CertImpl(encoded);
+        X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
+                X509CertImpl.NAME + "." + X509CertImpl.INFO);
+        X500Name issuer = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." +
+                                           CertificateSubjectName.DN_NAME);
+
+        Date firstDate = getStartDate(startDate);
+        Date lastDate = new Date();
+        lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L);
+        CertificateValidity interval = new CertificateValidity(firstDate,
+                                                               lastDate);
+
+        PrivateKey privateKey =
+                (PrivateKey)recoverKey(alias, storePass, keyPass).fst;
+        if (sigAlgName == null) {
+            sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm());
+        }
+        Signature signature = Signature.getInstance(sigAlgName);
+        signature.initSign(privateKey);
+
+        X509CertInfo info = new X509CertInfo();
+        info.set(X509CertInfo.VALIDITY, interval);
+        info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(
+                    new java.util.Random().nextInt() & 0x7fffffff));
+        info.set(X509CertInfo.VERSION,
+                    new CertificateVersion(CertificateVersion.V3));
+        info.set(X509CertInfo.ALGORITHM_ID,
+                    new CertificateAlgorithmId(
+                        AlgorithmId.get(sigAlgName)));
+        info.set(X509CertInfo.ISSUER, new CertificateIssuerName(issuer));
+
+        BufferedReader reader = new BufferedReader(new InputStreamReader(in));
+        boolean canRead = false;
+        StringBuffer sb = new StringBuffer();
+        while (true) {
+            String s = reader.readLine();
+            if (s == null) break;
+            // OpenSSL does not use NEW
+            //if (s.startsWith("-----BEGIN NEW CERTIFICATE REQUEST-----")) {
+            if (s.startsWith("-----BEGIN") && s.indexOf("REQUEST") >= 0) {
+                canRead = true;
+            //} else if (s.startsWith("-----END NEW CERTIFICATE REQUEST-----")) {
+            } else if (s.startsWith("-----END") && s.indexOf("REQUEST") >= 0) {
+                break;
+            } else if (canRead) {
+                sb.append(s);
+            }
+        }
+        byte[] rawReq = new BASE64Decoder().decodeBuffer(new String(sb));
+        PKCS10 req = new PKCS10(rawReq);
+
+        info.set(X509CertInfo.KEY, new CertificateX509Key(req.getSubjectPublicKeyInfo()));
+        info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(
+                dname==null?req.getSubjectName():new X500Name(dname)));
+        CertificateExtensions reqex = null;
+        Iterator<PKCS10Attribute> attrs = req.getAttributes().getAttributes().iterator();
+        while (attrs.hasNext()) {
+            PKCS10Attribute attr = attrs.next();
+            if (attr.getAttributeId().equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) {
+                reqex = (CertificateExtensions)attr.getAttributeValue();
+            }
+        }
+        CertificateExtensions ext = createV3Extensions(
+                reqex,
+                null,
+                v3ext,
+                req.getSubjectPublicKeyInfo(),
+                signerCert.getPublicKey());
+        info.set(X509CertInfo.EXTENSIONS, ext);
+        X509CertImpl cert = new X509CertImpl(info);
+        cert.sign(privateKey, sigAlgName);
+        dumpCert(cert, out);
+        for (Certificate ca: keyStore.getCertificateChain(alias)) {
+            if (ca instanceof X509Certificate) {
+                X509Certificate xca = (X509Certificate)ca;
+                if (!isSelfSigned(xca)) {
+                    dumpCert(xca, out);
+                }
+            }
+        }
+    }
+
+    private void doGenCRL(PrintStream out)
+            throws Exception {
+        if (ids == null) {
+            throw new Exception("Must provide -id when -gencrl");
+        }
+        Certificate signerCert = keyStore.getCertificate(alias);
+        byte[] encoded = signerCert.getEncoded();
+        X509CertImpl signerCertImpl = new X509CertImpl(encoded);
+        X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
+                X509CertImpl.NAME + "." + X509CertImpl.INFO);
+        X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." +
+                                           CertificateSubjectName.DN_NAME);
+
+        Date firstDate = getStartDate(startDate);
+        Date lastDate = (Date) firstDate.clone();
+        lastDate.setTime(lastDate.getTime() + validity*1000*24*60*60);
+        CertificateValidity interval = new CertificateValidity(firstDate,
+                                                               lastDate);
+
+
+        PrivateKey privateKey =
+                (PrivateKey)recoverKey(alias, storePass, keyPass).fst;
+        if (sigAlgName == null) {
+            sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm());
+        }
+
+        X509CRLEntry[] badCerts = new X509CRLEntry[ids.size()];
+        for (int i=0; i<ids.size(); i++) {
+            String id = ids.get(i);
+            int d = id.indexOf(':');
+            if (d >= 0) {
+                CRLExtensions ext = new CRLExtensions();
+                ext.set("Reason", new CRLReasonCodeExtension(Integer.parseInt(id.substring(d+1))));
+                badCerts[i] = new X509CRLEntryImpl(new BigInteger(id.substring(0, d)),
+                        firstDate, ext);
+            } else {
+                badCerts[i] = new X509CRLEntryImpl(new BigInteger(ids.get(i)), firstDate);
+            }
+        }
+        X509CRLImpl crl = new X509CRLImpl(owner, firstDate, lastDate, badCerts);
+        crl.sign(privateKey, sigAlgName);
+        if (rfc) {
+            out.println("-----BEGIN X509 CRL-----");
+            new BASE64Encoder().encodeBuffer(crl.getEncodedInternal(), out);
+            out.println("-----END X509 CRL-----");
+        } else {
+            out.write(crl.getEncodedInternal());
+        }
+    }
+
+    /**
+     * Creates a PKCS#10 cert signing request, corresponding to the
+     * keys (and name) associated with a given alias.
+     */
+    private void doCertReq(String alias, String sigAlgName, PrintStream out)
+        throws Exception
+    {
+        if (alias == null) {
+            alias = keyAlias;
+        }
+
+        Pair<Key,char[]> objs = recoverKey(alias, storePass, keyPass);
+        PrivateKey privKey = (PrivateKey)objs.fst;
+        if (keyPass == null) {
+            keyPass = objs.snd;
+        }
+
+        Certificate cert = keyStore.getCertificate(alias);
+        if (cert == null) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("alias.has.no.public.key.certificate."));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+        PKCS10 request = new PKCS10(cert.getPublicKey());
+        CertificateExtensions ext = createV3Extensions(null, null, v3ext, cert.getPublicKey(), null);
+        // Attribute name is not significant
+        request.getAttributes().setAttribute(X509CertInfo.EXTENSIONS,
+                new PKCS10Attribute(PKCS9Attribute.EXTENSION_REQUEST_OID, ext));
+
+        // Construct a Signature object, so that we can sign the request
+        if (sigAlgName == null) {
+            sigAlgName = getCompatibleSigAlgName(privKey.getAlgorithm());
+        }
+
+        Signature signature = Signature.getInstance(sigAlgName);
+        signature.initSign(privKey);
+        X500Name subject = dname == null?
+                new X500Name(((X509Certificate)cert).getSubjectDN().toString()):
+                new X500Name(dname);
+
+        // Sign the request and base-64 encode it
+        request.encodeAndSign(subject, signature);
+        request.print(out);
+    }
+
+    /**
+     * Deletes an entry from the keystore.
+     */
+    private void doDeleteEntry(String alias) throws Exception {
+        if (keyStore.containsAlias(alias) == false) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("Alias.alias.does.not.exist"));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+        keyStore.deleteEntry(alias);
+    }
+
+    /**
+     * Exports a certificate from the keystore.
+     */
+    private void doExportCert(String alias, PrintStream out)
+        throws Exception
+    {
+        if (storePass == null
+                && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
+            printWarning();
+        }
+        if (alias == null) {
+            alias = keyAlias;
+        }
+        if (keyStore.containsAlias(alias) == false) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("Alias.alias.does.not.exist"));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+
+        X509Certificate cert = (X509Certificate)keyStore.getCertificate(alias);
+        if (cert == null) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("Alias.alias.has.no.certificate"));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+        dumpCert(cert, out);
+    }
+
+    /**
+     * Prompt the user for a keypass when generating a key entry.
+     * @param alias the entry we will set password for
+     * @param orig the original entry of doing a dup, null if generate new
+     * @param origPass the password to copy from if user press ENTER
+     */
+    private char[] promptForKeyPass(String alias, String orig, char[] origPass) throws Exception{
+        if (P12KEYSTORE.equalsIgnoreCase(storetype)) {
+            return origPass;
+        } else if (!token && !protectedPath) {
+            // Prompt for key password
+            int count;
+            for (count = 0; count < 3; count++) {
+                MessageFormat form = new MessageFormat(rb.getString
+                        ("Enter.key.password.for.alias."));
+                Object[] source = {alias};
+                System.err.println(form.format(source));
+                if (orig == null) {
+                    System.err.print(rb.getString
+                            (".RETURN.if.same.as.keystore.password."));
+                } else {
+                    form = new MessageFormat(rb.getString
+                            (".RETURN.if.same.as.for.otherAlias."));
+                    Object[] src = {orig};
+                    System.err.print(form.format(src));
+                }
+                System.err.flush();
+                char[] entered = Password.readPassword(System.in);
+                passwords.add(entered);
+                if (entered == null) {
+                    return origPass;
+                } else if (entered.length >= 6) {
+                    System.err.print(rb.getString("Re.enter.new.password."));
+                    char[] passAgain = Password.readPassword(System.in);
+                    passwords.add(passAgain);
+                    if (!Arrays.equals(entered, passAgain)) {
+                        System.err.println
+                            (rb.getString("They.don.t.match.Try.again"));
+                        continue;
+                    }
+                    return entered;
+                } else {
+                    System.err.println(rb.getString
+                        ("Key.password.is.too.short.must.be.at.least.6.characters"));
+                }
+            }
+            if (count == 3) {
+                if (command == KEYCLONE) {
+                    throw new Exception(rb.getString
+                        ("Too.many.failures.Key.entry.not.cloned"));
+                } else {
+                    throw new Exception(rb.getString
+                            ("Too.many.failures.key.not.added.to.keystore"));
+                }
+            }
+        }
+        return null;    // PKCS11, MSCAPI, or -protected
+    }
+    /**
+     * Creates a new secret key.
+     */
+    private void doGenSecretKey(String alias, String keyAlgName,
+                              int keysize)
+        throws Exception
+    {
+        if (alias == null) {
+            alias = keyAlias;
+        }
+        if (keyStore.containsAlias(alias)) {
+            MessageFormat form = new MessageFormat(rb.getString
+                ("Secret.key.not.generated.alias.alias.already.exists"));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+
+        SecretKey secKey = null;
+        KeyGenerator keygen = KeyGenerator.getInstance(keyAlgName);
+        if (keysize != -1) {
+            keygen.init(keysize);
+        } else if ("DES".equalsIgnoreCase(keyAlgName)) {
+            keygen.init(56);
+        } else if ("DESede".equalsIgnoreCase(keyAlgName)) {
+            keygen.init(168);
+        } else {
+            throw new Exception(rb.getString
+                ("Please.provide.keysize.for.secret.key.generation"));
+        }
+
+        secKey = keygen.generateKey();
+        if (keyPass == null) {
+            keyPass = promptForKeyPass(alias, null, storePass);
+        }
+        keyStore.setKeyEntry(alias, secKey, keyPass, null);
+    }
+
+    /**
+     * If no signature algorithm was specified at the command line,
+     * we choose one that is compatible with the selected private key
+     */
+    private static String getCompatibleSigAlgName(String keyAlgName)
+            throws Exception {
+        if ("DSA".equalsIgnoreCase(keyAlgName)) {
+            return "SHA1WithDSA";
+        } else if ("RSA".equalsIgnoreCase(keyAlgName)) {
+            return "SHA256WithRSA";
+        } else if ("EC".equalsIgnoreCase(keyAlgName)) {
+            return "SHA256withECDSA";
+        } else {
+            throw new Exception(rb.getString
+                    ("Cannot.derive.signature.algorithm"));
+        }
+    }
+    /**
+     * Creates a new key pair and self-signed certificate.
+     */
+    private void doGenKeyPair(String alias, String dname, String keyAlgName,
+                              int keysize, String sigAlgName)
+        throws Exception
+    {
+        if (keysize == -1) {
+            if ("EC".equalsIgnoreCase(keyAlgName)) {
+                keysize = 256;
+            } else if ("RSA".equalsIgnoreCase(keyAlgName)) {
+                keysize = 2048;
+            } else {
+                keysize = 1024;
+            }
+        }
+
+        if (alias == null) {
+            alias = keyAlias;
+        }
+
+        if (keyStore.containsAlias(alias)) {
+            MessageFormat form = new MessageFormat(rb.getString
+                ("Key.pair.not.generated.alias.alias.already.exists"));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+
+        if (sigAlgName == null) {
+            sigAlgName = getCompatibleSigAlgName(keyAlgName);
+        }
+        CertAndKeyGen keypair =
+                new CertAndKeyGen(keyAlgName, sigAlgName, providerName);
+
+
+        // If DN is provided, parse it. Otherwise, prompt the user for it.
+        X500Name x500Name;
+        if (dname == null) {
+            x500Name = getX500Name();
+        } else {
+            x500Name = new X500Name(dname);
+        }
+
+        keypair.generate(keysize);
+        PrivateKey privKey = keypair.getPrivateKey();
+
+        CertificateExtensions ext = createV3Extensions(
+                null,
+                null,
+                v3ext,
+                keypair.getPublicKeyAnyway(),
+                null);
+
+        X509Certificate[] chain = new X509Certificate[1];
+        chain[0] = keypair.getSelfCertificate(
+                x500Name, getStartDate(startDate), validity*24L*60L*60L, ext);
+
+        if (verbose) {
+            MessageFormat form = new MessageFormat(rb.getString
+                ("Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for"));
+            Object[] source = {new Integer(keysize),
+                                privKey.getAlgorithm(),
+                                chain[0].getSigAlgName(),
+                                new Long(validity),
+                                x500Name};
+            System.err.println(form.format(source));
+        }
+
+        if (keyPass == null) {
+            keyPass = promptForKeyPass(alias, null, storePass);
+        }
+        keyStore.setKeyEntry(alias, privKey, keyPass, chain);
+    }
+
+    /**
+     * Clones an entry
+     * @param orig original alias
+     * @param dest destination alias
+     * @changePassword if the password can be changed
+     */
+    private void doCloneEntry(String orig, String dest, boolean changePassword)
+        throws Exception
+    {
+        if (orig == null) {
+            orig = keyAlias;
+        }
+
+        if (keyStore.containsAlias(dest)) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("Destination.alias.dest.already.exists"));
+            Object[] source = {dest};
+            throw new Exception(form.format(source));
+        }
+
+        Pair<Entry,char[]> objs = recoverEntry(keyStore, orig, storePass, keyPass);
+        Entry entry = objs.fst;
+        keyPass = objs.snd;
+
+        PasswordProtection pp = null;
+
+        if (keyPass != null) {  // protected
+            if (!changePassword || P12KEYSTORE.equalsIgnoreCase(storetype)) {
+                keyPassNew = keyPass;
+            } else {
+                if (keyPassNew == null) {
+                    keyPassNew = promptForKeyPass(dest, orig, keyPass);
+                }
+            }
+            pp = new PasswordProtection(keyPassNew);
+        }
+        keyStore.setEntry(dest, entry, pp);
+    }
+
+    /**
+     * Changes a key password.
+     */
+    private void doChangeKeyPasswd(String alias) throws Exception
+    {
+
+        if (alias == null) {
+            alias = keyAlias;
+        }
+        Pair<Key,char[]> objs = recoverKey(alias, storePass, keyPass);
+        Key privKey = objs.fst;
+        if (keyPass == null) {
+            keyPass = objs.snd;
+        }
+
+        if (keyPassNew == null) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("key.password.for.alias."));
+            Object[] source = {alias};
+            keyPassNew = getNewPasswd(form.format(source), keyPass);
+        }
+        keyStore.setKeyEntry(alias, privKey, keyPassNew,
+                             keyStore.getCertificateChain(alias));
+    }
+
+    /**
+     * Imports a JDK 1.1-style identity database. We can only store one
+     * certificate per identity, because we use the identity's name as the
+     * alias (which references a keystore entry), and aliases must be unique.
+     */
+    private void doImportIdentityDatabase(InputStream in)
+        throws Exception
+    {
+        System.err.println(rb.getString
+            ("No.entries.from.identity.database.added"));
+    }
+
+    /**
+     * Prints a single keystore entry.
+     */
+    private void doPrintEntry(String alias, PrintStream out,
+                              boolean printWarning)
+        throws Exception
+    {
+        if (storePass == null && printWarning
+                && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
+            printWarning();
+        }
+
+        if (keyStore.containsAlias(alias) == false) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("Alias.alias.does.not.exist"));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+
+        if (verbose || rfc || debug) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("Alias.name.alias"));
+            Object[] source = {alias};
+            out.println(form.format(source));
+
+            if (!token) {
+                form = new MessageFormat(rb.getString
+                    ("Creation.date.keyStore.getCreationDate.alias."));
+                Object[] src = {keyStore.getCreationDate(alias)};
+                out.println(form.format(src));
+            }
+        } else {
+            if (!token) {
+                MessageFormat form = new MessageFormat
+                    (rb.getString("alias.keyStore.getCreationDate.alias."));
+                Object[] source = {alias, keyStore.getCreationDate(alias)};
+                out.print(form.format(source));
+            } else {
+                MessageFormat form = new MessageFormat
+                    (rb.getString("alias."));
+                Object[] source = {alias};
+                out.print(form.format(source));
+            }
+        }
+
+        if (keyStore.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class)) {
+            if (verbose || rfc || debug) {
+                Object[] source = {"SecretKeyEntry"};
+                out.println(new MessageFormat(
+                        rb.getString("Entry.type.type.")).format(source));
+            } else {
+                out.println("SecretKeyEntry, ");
+            }
+        } else if (keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
+            if (verbose || rfc || debug) {
+                Object[] source = {"PrivateKeyEntry"};
+                out.println(new MessageFormat(
+                        rb.getString("Entry.type.type.")).format(source));
+            } else {
+                out.println("PrivateKeyEntry, ");
+            }
+
+            // Get the chain
+            Certificate[] chain = keyStore.getCertificateChain(alias);
+            if (chain != null) {
+                if (verbose || rfc || debug) {
+                    out.println(rb.getString
+                        ("Certificate.chain.length.") + chain.length);
+                    for (int i = 0; i < chain.length; i ++) {
+                        MessageFormat form = new MessageFormat
+                                (rb.getString("Certificate.i.1."));
+                        Object[] source = {new Integer((i + 1))};
+                        out.println(form.format(source));
+                        if (verbose && (chain[i] instanceof X509Certificate)) {
+                            printX509Cert((X509Certificate)(chain[i]), out);
+                        } else if (debug) {
+                            out.println(chain[i].toString());
+                        } else {
+                            dumpCert(chain[i], out);
+                        }
+                    }
+                } else {
+                    // Print the digest of the user cert only
+                    out.println
+                        (rb.getString("Certificate.fingerprint.SHA1.") +
+                        getCertFingerPrint("SHA1", chain[0]));
+                }
+            }
+        } else if (keyStore.entryInstanceOf(alias,
+                KeyStore.TrustedCertificateEntry.class)) {
+            // We have a trusted certificate entry
+            Certificate cert = keyStore.getCertificate(alias);
+            Object[] source = {"trustedCertEntry"};
+            String mf = new MessageFormat(
+                    rb.getString("Entry.type.type.")).format(source) + "\n";
+            if (verbose && (cert instanceof X509Certificate)) {
+                out.println(mf);
+                printX509Cert((X509Certificate)cert, out);
+            } else if (rfc) {
+                out.println(mf);
+                dumpCert(cert, out);
+            } else if (debug) {
+                out.println(cert.toString());
+            } else {
+                out.println("trustedCertEntry, ");
+                out.println(rb.getString("Certificate.fingerprint.SHA1.")
+                            + getCertFingerPrint("SHA1", cert));
+            }
+        } else {
+            out.println(rb.getString("Unknown.Entry.Type"));
+        }
+    }
+
+    /**
+     * Load the srckeystore from a stream, used in -importkeystore
+     * @returns the src KeyStore
+     */
+    KeyStore loadSourceKeyStore() throws Exception {
+        boolean isPkcs11 = false;
+
+        InputStream is = null;
+
+        if (P11KEYSTORE.equalsIgnoreCase(srcstoretype) ||
+                KeyStoreUtil.isWindowsKeyStore(srcstoretype)) {
+            if (!NONE.equals(srcksfname)) {
+                System.err.println(MessageFormat.format(rb.getString
+                    (".keystore.must.be.NONE.if.storetype.is.{0}"), srcstoretype));
+                System.err.println();
+                tinyHelp();
+            }
+            isPkcs11 = true;
+        } else {
+            if (srcksfname != null) {
+                File srcksfile = new File(srcksfname);
+                    if (srcksfile.exists() && srcksfile.length() == 0) {
+                        throw new Exception(rb.getString
+                                ("Source.keystore.file.exists.but.is.empty.") +
+                                srcksfname);
+                }
+                is = new FileInputStream(srcksfile);
+            } else {
+                throw new Exception(rb.getString
+                        ("Please.specify.srckeystore"));
+            }
+        }
+
+        KeyStore store;
+        try {
+            if (srcProviderName == null) {
+                store = KeyStore.getInstance(srcstoretype);
+            } else {
+                store = KeyStore.getInstance(srcstoretype, srcProviderName);
+            }
+
+            if (srcstorePass == null
+                    && !srcprotectedPath
+                    && !KeyStoreUtil.isWindowsKeyStore(srcstoretype)) {
+                System.err.print(rb.getString("Enter.source.keystore.password."));
+                System.err.flush();
+                srcstorePass = Password.readPassword(System.in);
+                passwords.add(srcstorePass);
+            }
+
+            // always let keypass be storepass when using pkcs12
+            if (P12KEYSTORE.equalsIgnoreCase(srcstoretype)) {
+                if (srckeyPass != null && srcstorePass != null &&
+                        !Arrays.equals(srcstorePass, srckeyPass)) {
+                    MessageFormat form = new MessageFormat(rb.getString(
+                        "Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value."));
+                    Object[] source = {"-srckeypass"};
+                    System.err.println(form.format(source));
+                    srckeyPass = srcstorePass;
+                }
+            }
+
+            store.load(is, srcstorePass);   // "is" already null in PKCS11
+        } finally {
+            if (is != null) {
+                is.close();
+            }
+        }
+
+        if (srcstorePass == null
+                && !KeyStoreUtil.isWindowsKeyStore(srcstoretype)) {
+            // anti refactoring, copied from printWarning(),
+            // but change 2 lines
+            System.err.println();
+            System.err.println(rb.getString
+                (".WARNING.WARNING.WARNING."));
+            System.err.println(rb.getString
+                (".The.integrity.of.the.information.stored.in.the.srckeystore."));
+            System.err.println(rb.getString
+                (".WARNING.WARNING.WARNING."));
+            System.err.println();
+        }
+
+        return store;
+    }
+
+    /**
+     * import all keys and certs from importkeystore.
+     * keep alias unchanged if no name conflict, otherwise, prompt.
+     * keep keypass unchanged for keys
+     */
+    private void doImportKeyStore() throws Exception {
+
+        if (alias != null) {
+            doImportKeyStoreSingle(loadSourceKeyStore(), alias);
+        } else {
+            if (dest != null || srckeyPass != null || destKeyPass != null) {
+                throw new Exception(rb.getString(
+                        "if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified"));
+            }
+            doImportKeyStoreAll(loadSourceKeyStore());
+        }
+        /*
+         * Information display rule of -importkeystore
+         * 1. inside single, shows failure
+         * 2. inside all, shows sucess
+         * 3. inside all where there is a failure, prompt for continue
+         * 4. at the final of all, shows summary
+         */
+    }
+
+    /**
+     * Import a single entry named alias from srckeystore
+     * @returns 1 if the import action succeed
+     *          0 if user choose to ignore an alias-dumplicated entry
+     *          2 if setEntry throws Exception
+     */
+    private int doImportKeyStoreSingle(KeyStore srckeystore, String alias)
+            throws Exception {
+
+        String newAlias = (dest==null) ? alias : dest;
+
+        if (keyStore.containsAlias(newAlias)) {
+            Object[] source = {alias};
+            if (noprompt) {
+                System.err.println(new MessageFormat(rb.getString(
+                        "Warning.Overwriting.existing.alias.alias.in.destination.keystore")).format(source));
+            } else {
+                String reply = getYesNoReply(new MessageFormat(rb.getString(
+                        "Existing.entry.alias.alias.exists.overwrite.no.")).format(source));
+                if ("NO".equals(reply)) {
+                    newAlias = inputStringFromStdin(rb.getString
+                            ("Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry."));
+                    if ("".equals(newAlias)) {
+                        System.err.println(new MessageFormat(rb.getString(
+                                "Entry.for.alias.alias.not.imported.")).format(
+                                source));
+                        return 0;
+                    }
+                }
+            }
+        }
+
+        Pair<Entry,char[]> objs = recoverEntry(srckeystore, alias, srcstorePass, srckeyPass);
+        Entry entry = objs.fst;
+
+        PasswordProtection pp = null;
+
+        // According to keytool.html, "The destination entry will be protected
+        // using destkeypass. If destkeypass is not provided, the destination
+        // entry will be protected with the source entry password."
+        // so always try to protect with destKeyPass.
+        if (destKeyPass != null) {
+            pp = new PasswordProtection(destKeyPass);
+        } else if (objs.snd != null) {
+            pp = new PasswordProtection(objs.snd);
+        }
+
+        try {
+            keyStore.setEntry(newAlias, entry, pp);
+            return 1;
+        } catch (KeyStoreException kse) {
+            Object[] source2 = {alias, kse.toString()};
+            MessageFormat form = new MessageFormat(rb.getString(
+                    "Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported."));
+            System.err.println(form.format(source2));
+            return 2;
+        }
+    }
+
+    private void doImportKeyStoreAll(KeyStore srckeystore) throws Exception {
+
+        int ok = 0;
+        int count = srckeystore.size();
+        for (Enumeration<String> e = srckeystore.aliases();
+                                        e.hasMoreElements(); ) {
+            String alias = e.nextElement();
+            int result = doImportKeyStoreSingle(srckeystore, alias);
+            if (result == 1) {
+                ok++;
+                Object[] source = {alias};
+                MessageFormat form = new MessageFormat(rb.getString("Entry.for.alias.alias.successfully.imported."));
+                System.err.println(form.format(source));
+            } else if (result == 2) {
+                if (!noprompt) {
+                    String reply = getYesNoReply("Do you want to quit the import process? [no]:  ");
+                    if ("YES".equals(reply)) {
+                        break;
+                    }
+                }
+            }
+        }
+        Object[] source = {ok, count-ok};
+        MessageFormat form = new MessageFormat(rb.getString(
+                "Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled"));
+        System.err.println(form.format(source));
+    }
+
+    /**
+     * Prints all keystore entries.
+     */
+    private void doPrintEntries(PrintStream out)
+        throws Exception
+    {
+        if (storePass == null
+                && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
+            printWarning();
+        } else {
+            out.println();
+        }
+
+        out.println(rb.getString("Keystore.type.") + keyStore.getType());
+        out.println(rb.getString("Keystore.provider.") +
+                keyStore.getProvider().getName());
+        out.println();
+
+        MessageFormat form;
+        form = (keyStore.size() == 1) ?
+                new MessageFormat(rb.getString
+                        ("Your.keystore.contains.keyStore.size.entry")) :
+                new MessageFormat(rb.getString
+                        ("Your.keystore.contains.keyStore.size.entries"));
+        Object[] source = {new Integer(keyStore.size())};
+        out.println(form.format(source));
+        out.println();
+
+        for (Enumeration<String> e = keyStore.aliases();
+                                        e.hasMoreElements(); ) {
+            String alias = e.nextElement();
+            doPrintEntry(alias, out, false);
+            if (verbose || rfc) {
+                out.println(rb.getString("NEWLINE"));
+                out.println(rb.getString
+                        ("STAR"));
+                out.println(rb.getString
+                        ("STARNN"));
+            }
+        }
+    }
+
+    private static <T> Iterable<T> e2i(final Enumeration<T> e) {
+        return new Iterable<T>() {
+            @Override
+            public Iterator<T> iterator() {
+                return new Iterator<T>() {
+                    @Override
+                    public boolean hasNext() {
+                        return e.hasMoreElements();
+                    }
+                    @Override
+                    public T next() {
+                        return e.nextElement();
+                    }
+                    public void remove() {
+                        throw new UnsupportedOperationException("Not supported yet.");
+                    }
+                };
+            }
+        };
+    }
+
+    /**
+     * Loads CRLs from a source. This method is also called in JarSigner.
+     * @param src the source, which means System.in if null, or a URI,
+     *        or a bare file path name
+     */
+    public static Collection<? extends CRL> loadCRLs(String src) throws Exception {
+        InputStream in = null;
+        URI uri = null;
+        if (src == null) {
+            in = System.in;
+        } else {
+            try {
+                uri = new URI(src);
+                if (uri.getScheme().equals("ldap")) {
+                    // No input stream for LDAP
+                } else {
+                    in = uri.toURL().openStream();
+                }
+            } catch (Exception e) {
+                try {
+                    in = new FileInputStream(src);
+                } catch (Exception e2) {
+                    if (uri == null || uri.getScheme() == null) {
+                        throw e2;   // More likely a bare file path
+                    } else {
+                        throw e;    // More likely a protocol or network problem
+                    }
+                }
+            }
+        }
+        if (in != null) {
+            try {
+                // Read the full stream before feeding to X509Factory,
+                // otherwise, keytool -gencrl | keytool -printcrl
+                // might not work properly, since -gencrl is slow
+                // and there's no data in the pipe at the beginning.
+                ByteArrayOutputStream bout = new ByteArrayOutputStream();
+                byte[] b = new byte[4096];
+                while (true) {
+                    int len = in.read(b);
+                    if (len < 0) break;
+                    bout.write(b, 0, len);
+                }
+                return CertificateFactory.getInstance("X509").generateCRLs(
+                        new ByteArrayInputStream(bout.toByteArray()));
+            } finally {
+                if (in != System.in) {
+                    in.close();
+                }
+            }
+        } else {    // must be LDAP, and uri is not null
+            // Lazily load LDAPCertStoreHelper if present
+            CertStoreHelper helper = CertStoreHelper.getInstance("LDAP");
+            String path = uri.getPath();
+            if (path.charAt(0) == '/') path = path.substring(1);
+            CertStore s = helper.getCertStore(uri);
+            X509CRLSelector sel =
+                    helper.wrap(new X509CRLSelector(), null, path);
+            return s.getCRLs(sel);
+        }
+    }
+
+    /**
+     * Returns CRLs described in a X509Certificate's CRLDistributionPoints
+     * Extension. Only those containing a general name of type URI are read.
+     */
+    public static List<CRL> readCRLsFromCert(X509Certificate cert)
+            throws Exception {
+        List<CRL> crls = new ArrayList<>();
+        CRLDistributionPointsExtension ext =
+                X509CertImpl.toImpl(cert).getCRLDistributionPointsExtension();
+        if (ext == null) return crls;
+        List<DistributionPoint> distPoints =
+                ext.get(CRLDistributionPointsExtension.POINTS);
+        for (DistributionPoint o: distPoints) {
+            GeneralNames names = o.getFullName();
+            if (names != null) {
+                for (GeneralName name: names.names()) {
+                    if (name.getType() == GeneralNameInterface.NAME_URI) {
+                        URIName uriName = (URIName)name.getName();
+                        for (CRL crl: loadCRLs(uriName.getName())) {
+                            if (crl instanceof X509CRL) {
+                                crls.add((X509CRL)crl);
+                            }
+                        }
+                        break;  // Different name should point to same CRL
+                    }
+                }
+            }
+        }
+        return crls;
+    }
+
+    private static String verifyCRL(KeyStore ks, CRL crl)
+            throws Exception {
+        X509CRLImpl xcrl = (X509CRLImpl)crl;
+        X500Principal issuer = xcrl.getIssuerX500Principal();
+        for (String s: e2i(ks.aliases())) {
+            Certificate cert = ks.getCertificate(s);
+            if (cert instanceof X509Certificate) {
+                X509Certificate xcert = (X509Certificate)cert;
+                if (xcert.getSubjectX500Principal().equals(issuer)) {
+                    try {
+                        ((X509CRLImpl)crl).verify(cert.getPublicKey());
+                        return s;
+                    } catch (Exception e) {
+                    }
+                }
+            }
+        }
+        return null;
+    }
+
+    private void doPrintCRL(String src, PrintStream out)
+            throws Exception {
+        for (CRL crl: loadCRLs(src)) {
+            printCRL(crl, out);
+            String issuer = null;
+            if (caks != null) {
+                issuer = verifyCRL(caks, crl);
+                if (issuer != null) {
+                    out.printf(rb.getString(
+                            "verified.by.s.in.s"), issuer, "cacerts");
+                    out.println();
+                }
+            }
+            if (issuer == null && keyStore != null) {
+                issuer = verifyCRL(keyStore, crl);
+                if (issuer != null) {
+                    out.printf(rb.getString(
+                            "verified.by.s.in.s"), issuer, "keystore");
+                    out.println();
+                }
+            }
+            if (issuer == null) {
+                out.println(rb.getString
+                        ("STAR"));
+                out.println(rb.getString
+                        ("warning.not.verified.make.sure.keystore.is.correct"));
+                out.println(rb.getString
+                        ("STARNN"));
+            }
+        }
+    }
+
+    private void printCRL(CRL crl, PrintStream out)
+            throws Exception {
+        if (rfc) {
+            X509CRL xcrl = (X509CRL)crl;
+            out.println("-----BEGIN X509 CRL-----");
+            new BASE64Encoder().encodeBuffer(xcrl.getEncoded(), out);
+            out.println("-----END X509 CRL-----");
+        } else {
+            out.println(crl.toString());
+        }
+    }
+
+    private void doPrintCertReq(InputStream in, PrintStream out)
+            throws Exception {
+
+        BufferedReader reader = new BufferedReader(new InputStreamReader(in));
+        StringBuffer sb = new StringBuffer();
+        boolean started = false;
+        while (true) {
+            String s = reader.readLine();
+            if (s == null) break;
+            if (!started) {
+                if (s.startsWith("-----")) {
+                    started = true;
+                }
+            } else {
+                if (s.startsWith("-----")) {
+                    break;
+                }
+                sb.append(s);
+            }
+        }
+        PKCS10 req = new PKCS10(new BASE64Decoder().decodeBuffer(new String(sb)));
+
+        PublicKey pkey = req.getSubjectPublicKeyInfo();
+        out.printf(rb.getString("PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key."),
+                req.getSubjectName(), pkey.getFormat(), pkey.getAlgorithm());
+        for (PKCS10Attribute attr: req.getAttributes().getAttributes()) {
+            ObjectIdentifier oid = attr.getAttributeId();
+            if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) {
+                CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue();
+                if (exts != null) {
+                    printExtensions(rb.getString("Extension.Request."), exts, out);
+                }
+            } else {
+                out.println(attr.getAttributeId());
+                out.println(attr.getAttributeValue());
+            }
+        }
+        if (debug) {
+            out.println(req);   // Just to see more, say, public key length...
+        }
+    }
+
+    /**
+     * Reads a certificate (or certificate chain) and prints its contents in
+     * a human readable format.
+     */
+    private void printCertFromStream(InputStream in, PrintStream out)
+        throws Exception
+    {
+        Collection<? extends Certificate> c = null;
+        try {
+            c = cf.generateCertificates(in);
+        } catch (CertificateException ce) {
+            throw new Exception(rb.getString("Failed.to.parse.input"), ce);
+        }
+        if (c.isEmpty()) {
+            throw new Exception(rb.getString("Empty.input"));
+        }
+        Certificate[] certs = c.toArray(new Certificate[c.size()]);
+        for (int i=0; i<certs.length; i++) {
+            X509Certificate x509Cert = null;
+            try {
+                x509Cert = (X509Certificate)certs[i];
+            } catch (ClassCastException cce) {
+                throw new Exception(rb.getString("Not.X.509.certificate"));
+            }
+            if (certs.length > 1) {
+                MessageFormat form = new MessageFormat
+                        (rb.getString("Certificate.i.1."));
+                Object[] source = {new Integer(i + 1)};
+                out.println(form.format(source));
+            }
+            if (rfc) dumpCert(x509Cert, out);
+            else printX509Cert(x509Cert, out);
+            if (i < (certs.length-1)) {
+                out.println();
+            }
+        }
+    }
+
+    private void doPrintCert(final PrintStream out) throws Exception {
+        if (jarfile != null) {
+            JarFile jf = new JarFile(jarfile, true);
+            Enumeration<JarEntry> entries = jf.entries();
+            Set<CodeSigner> ss = new HashSet<>();
+            byte[] buffer = new byte[8192];
+            int pos = 0;
+            while (entries.hasMoreElements()) {
+                JarEntry je = entries.nextElement();
+                try (InputStream is = jf.getInputStream(je)) {
+                    while (is.read(buffer) != -1) {
+                        // we just read. this will throw a SecurityException
+                        // if a signature/digest check fails. This also
+                        // populate the signers
+                    }
+                }
+                CodeSigner[] signers = je.getCodeSigners();
+                if (signers != null) {
+                    for (CodeSigner signer: signers) {
+                        if (!ss.contains(signer)) {
+                            ss.add(signer);
+                            out.printf(rb.getString("Signer.d."), ++pos);
+                            out.println();
+                            out.println();
+                            out.println(rb.getString("Signature."));
+                            out.println();
+                            for (Certificate cert: signer.getSignerCertPath().getCertificates()) {
+                                X509Certificate x = (X509Certificate)cert;
+                                if (rfc) {
+                                    out.println(rb.getString("Certificate.owner.") + x.getSubjectDN() + "\n");
+                                    dumpCert(x, out);
+                                } else {
+                                    printX509Cert(x, out);
+                                }
+                                out.println();
+                            }
+                            Timestamp ts = signer.getTimestamp();
+                            if (ts != null) {
+                                out.println(rb.getString("Timestamp."));
+                                out.println();
+                                for (Certificate cert: ts.getSignerCertPath().getCertificates()) {
+                                    X509Certificate x = (X509Certificate)cert;
+                                    if (rfc) {
+                                        out.println(rb.getString("Certificate.owner.") + x.getSubjectDN() + "\n");
+                                        dumpCert(x, out);
+                                    } else {
+                                        printX509Cert(x, out);
+                                    }
+                                    out.println();
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+            jf.close();
+            if (ss.isEmpty()) {
+                out.println(rb.getString("Not.a.signed.jar.file"));
+            }
+        } else if (sslserver != null) {
+            // Lazily load SSLCertStoreHelper if present
+            CertStoreHelper helper = CertStoreHelper.getInstance("SSLServer");
+            CertStore cs = helper.getCertStore(new URI("https://" + sslserver));
+            Collection<? extends Certificate> chain;
+            try {
+                chain = cs.getCertificates(null);
+                if (chain.isEmpty()) {
+                    // If the certs are not retrieved, we consider it an error
+                    // even if the URL connection is successful.
+                    throw new Exception(rb.getString(
+                                        "No.certificate.from.the.SSL.server"));
+                }
+            } catch (CertStoreException cse) {
+                if (cse.getCause() instanceof IOException) {
+                    throw new Exception(rb.getString(
+                                        "No.certificate.from.the.SSL.server"),
+                                        cse.getCause());
+                } else {
+                    throw cse;
+                }
+            }
+
+            int i = 0;
+            for (Certificate cert : chain) {
+                try {
+                    if (rfc) {
+                        dumpCert(cert, out);
+                    } else {
+                        out.println("Certificate #" + i++);
+                        out.println("====================================");
+                        printX509Cert((X509Certificate)cert, out);
+                        out.println();
+                    }
+                } catch (Exception e) {
+                    if (debug) {
+                        e.printStackTrace();
+                    }
+                }
+            }
+        } else {
+            if (filename != null) {
+                try (FileInputStream inStream = new FileInputStream(filename)) {
+                    printCertFromStream(inStream, out);
+                }
+            } else {
+                printCertFromStream(System.in, out);
+            }
+        }
+    }
+    /**
+     * Creates a self-signed certificate, and stores it as a single-element
+     * certificate chain.
+     */
+    private void doSelfCert(String alias, String dname, String sigAlgName)
+        throws Exception
+    {
+        if (alias == null) {
+            alias = keyAlias;
+        }
+
+        Pair<Key,char[]> objs = recoverKey(alias, storePass, keyPass);
+        PrivateKey privKey = (PrivateKey)objs.fst;
+        if (keyPass == null)
+            keyPass = objs.snd;
+
+        // Determine the signature algorithm
+        if (sigAlgName == null) {
+            sigAlgName = getCompatibleSigAlgName(privKey.getAlgorithm());
+        }
+
+        // Get the old certificate
+        Certificate oldCert = keyStore.getCertificate(alias);
+        if (oldCert == null) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("alias.has.no.public.key"));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+        if (!(oldCert instanceof X509Certificate)) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("alias.has.no.X.509.certificate"));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+
+        // convert to X509CertImpl, so that we can modify selected fields
+        // (no public APIs available yet)
+        byte[] encoded = oldCert.getEncoded();
+        X509CertImpl certImpl = new X509CertImpl(encoded);
+        X509CertInfo certInfo = (X509CertInfo)certImpl.get(X509CertImpl.NAME
+                                                           + "." +
+                                                           X509CertImpl.INFO);
+
+        // Extend its validity
+        Date firstDate = getStartDate(startDate);
+        Date lastDate = new Date();
+        lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L);
+        CertificateValidity interval = new CertificateValidity(firstDate,
+                                                               lastDate);
+        certInfo.set(X509CertInfo.VALIDITY, interval);
+
+        // Make new serial number
+        certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(
+                    new java.util.Random().nextInt() & 0x7fffffff));
+
+        // Set owner and issuer fields
+        X500Name owner;
+        if (dname == null) {
+            // Get the owner name from the certificate
+            owner = (X500Name)certInfo.get(X509CertInfo.SUBJECT + "." +
+                                           CertificateSubjectName.DN_NAME);
+        } else {
+            // Use the owner name specified at the command line
+            owner = new X500Name(dname);
+            certInfo.set(X509CertInfo.SUBJECT + "." +
+                         CertificateSubjectName.DN_NAME, owner);
+        }
+        // Make issuer same as owner (self-signed!)
+        certInfo.set(X509CertInfo.ISSUER + "." +
+                     CertificateIssuerName.DN_NAME, owner);
+
+        // The inner and outer signature algorithms have to match.
+        // The way we achieve that is really ugly, but there seems to be no
+        // other solution: We first sign the cert, then retrieve the
+        // outer sigalg and use it to set the inner sigalg
+        X509CertImpl newCert = new X509CertImpl(certInfo);
+        newCert.sign(privKey, sigAlgName);
+        AlgorithmId sigAlgid = (AlgorithmId)newCert.get(X509CertImpl.SIG_ALG);
+        certInfo.set(CertificateAlgorithmId.NAME + "." +
+                     CertificateAlgorithmId.ALGORITHM, sigAlgid);
+
+        certInfo.set(X509CertInfo.VERSION,
+                        new CertificateVersion(CertificateVersion.V3));
+
+        CertificateExtensions ext = createV3Extensions(
+                null,
+                (CertificateExtensions)certInfo.get(X509CertInfo.EXTENSIONS),
+                v3ext,
+                oldCert.getPublicKey(),
+                null);
+        certInfo.set(X509CertInfo.EXTENSIONS, ext);
+        // Sign the new certificate
+        newCert = new X509CertImpl(certInfo);
+        newCert.sign(privKey, sigAlgName);
+
+        // Store the new certificate as a single-element certificate chain
+        keyStore.setKeyEntry(alias, privKey,
+                             (keyPass != null) ? keyPass : storePass,
+                             new Certificate[] { newCert } );
+
+        if (verbose) {
+            System.err.println(rb.getString("New.certificate.self.signed."));
+            System.err.print(newCert.toString());
+            System.err.println();
+        }
+    }
+
+    /**
+     * Processes a certificate reply from a certificate authority.
+     *
+     * <p>Builds a certificate chain on top of the certificate reply,
+     * using trusted certificates from the keystore. The chain is complete
+     * after a self-signed certificate has been encountered. The self-signed
+     * certificate is considered a root certificate authority, and is stored
+     * at the end of the chain.
+     *
+     * <p>The newly generated chain replaces the old chain associated with the
+     * key entry.
+     *
+     * @return true if the certificate reply was installed, otherwise false.
+     */
+    private boolean installReply(String alias, InputStream in)
+        throws Exception
+    {
+        if (alias == null) {
+            alias = keyAlias;
+        }
+
+        Pair<Key,char[]> objs = recoverKey(alias, storePass, keyPass);
+        PrivateKey privKey = (PrivateKey)objs.fst;
+        if (keyPass == null) {
+            keyPass = objs.snd;
+        }
+
+        Certificate userCert = keyStore.getCertificate(alias);
+        if (userCert == null) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("alias.has.no.public.key.certificate."));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+
+        // Read the certificates in the reply
+        Collection<? extends Certificate> c = cf.generateCertificates(in);
+        if (c.isEmpty()) {
+            throw new Exception(rb.getString("Reply.has.no.certificates"));
+        }
+        Certificate[] replyCerts = c.toArray(new Certificate[c.size()]);
+        Certificate[] newChain;
+        if (replyCerts.length == 1) {
+            // single-cert reply
+            newChain = establishCertChain(userCert, replyCerts[0]);
+        } else {
+            // cert-chain reply (e.g., PKCS#7)
+            newChain = validateReply(alias, userCert, replyCerts);
+        }
+
+        // Now store the newly established chain in the keystore. The new
+        // chain replaces the old one.
+        if (newChain != null) {
+            keyStore.setKeyEntry(alias, privKey,
+                                 (keyPass != null) ? keyPass : storePass,
+                                 newChain);
+            return true;
+        } else {
+            return false;
+        }
+    }
+
+    /**
+     * Imports a certificate and adds it to the list of trusted certificates.
+     *
+     * @return true if the certificate was added, otherwise false.
+     */
+    private boolean addTrustedCert(String alias, InputStream in)
+        throws Exception
+    {
+        if (alias == null) {
+            throw new Exception(rb.getString("Must.specify.alias"));
+        }
+        if (keyStore.containsAlias(alias)) {
+            MessageFormat form = new MessageFormat(rb.getString
+                ("Certificate.not.imported.alias.alias.already.exists"));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+
+        // Read the certificate
+        X509Certificate cert = null;
+        try {
+            cert = (X509Certificate)cf.generateCertificate(in);
+        } catch (ClassCastException | CertificateException ce) {
+            throw new Exception(rb.getString("Input.not.an.X.509.certificate"));
+        }
+
+        // if certificate is self-signed, make sure it verifies
+        boolean selfSigned = false;
+        if (isSelfSigned(cert)) {
+            cert.verify(cert.getPublicKey());
+            selfSigned = true;
+        }
+
+        if (noprompt) {
+            keyStore.setCertificateEntry(alias, cert);
+            return true;
+        }
+
+        // check if cert already exists in keystore
+        String reply = null;
+        String trustalias = keyStore.getCertificateAlias(cert);
+        if (trustalias != null) {
+            MessageFormat form = new MessageFormat(rb.getString
+                ("Certificate.already.exists.in.keystore.under.alias.trustalias."));
+            Object[] source = {trustalias};
+            System.err.println(form.format(source));
+            reply = getYesNoReply
+                (rb.getString("Do.you.still.want.to.add.it.no."));
+        } else if (selfSigned) {
+            if (trustcacerts && (caks != null) &&
+                    ((trustalias=caks.getCertificateAlias(cert)) != null)) {
+                MessageFormat form = new MessageFormat(rb.getString
+                        ("Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias."));
+                Object[] source = {trustalias};
+                System.err.println(form.format(source));
+                reply = getYesNoReply
+                        (rb.getString("Do.you.still.want.to.add.it.to.your.own.keystore.no."));
+            }
+            if (trustalias == null) {
+                // Print the cert and ask user if they really want to add
+                // it to their keystore
+                printX509Cert(cert, System.out);
+                reply = getYesNoReply
+                        (rb.getString("Trust.this.certificate.no."));
+            }
+        }
+        if (reply != null) {
+            if ("YES".equals(reply)) {
+                keyStore.setCertificateEntry(alias, cert);
+                return true;
+            } else {
+                return false;
+            }
+        }
+
+        // Try to establish trust chain
+        try {
+            Certificate[] chain = establishCertChain(null, cert);
+            if (chain != null) {
+                keyStore.setCertificateEntry(alias, cert);
+                return true;
+            }
+        } catch (Exception e) {
+            // Print the cert and ask user if they really want to add it to
+            // their keystore
+            printX509Cert(cert, System.out);
+            reply = getYesNoReply
+                (rb.getString("Trust.this.certificate.no."));
+            if ("YES".equals(reply)) {
+                keyStore.setCertificateEntry(alias, cert);
+                return true;
+            } else {
+                return false;
+            }
+        }
+
+        return false;
+    }
+
+    /**
+     * Prompts user for new password. New password must be different from
+     * old one.
+     *
+     * @param prompt the message that gets prompted on the screen
+     * @param oldPasswd the current (i.e., old) password
+     */
+    private char[] getNewPasswd(String prompt, char[] oldPasswd)
+        throws Exception
+    {
+        char[] entered = null;
+        char[] reentered = null;
+
+        for (int count = 0; count < 3; count++) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("New.prompt."));
+            Object[] source = {prompt};
+            System.err.print(form.format(source));
+            entered = Password.readPassword(System.in);
+            passwords.add(entered);
+            if (entered == null || entered.length < 6) {
+                System.err.println(rb.getString
+                    ("Password.is.too.short.must.be.at.least.6.characters"));
+            } else if (Arrays.equals(entered, oldPasswd)) {
+                System.err.println(rb.getString("Passwords.must.differ"));
+            } else {
+                form = new MessageFormat
+                        (rb.getString("Re.enter.new.prompt."));
+                Object[] src = {prompt};
+                System.err.print(form.format(src));
+                reentered = Password.readPassword(System.in);
+                passwords.add(reentered);
+                if (!Arrays.equals(entered, reentered)) {
+                    System.err.println
+                        (rb.getString("They.don.t.match.Try.again"));
+                } else {
+                    Arrays.fill(reentered, ' ');
+                    return entered;
+                }
+            }
+            if (entered != null) {
+                Arrays.fill(entered, ' ');
+                entered = null;
+            }
+            if (reentered != null) {
+                Arrays.fill(reentered, ' ');
+                reentered = null;
+            }
+        }
+        throw new Exception(rb.getString("Too.many.failures.try.later"));
+    }
+
+    /**
+     * Prompts user for alias name.
+     * @param prompt the {0} of "Enter {0} alias name:  " in prompt line
+     * @returns the string entered by the user, without the \n at the end
+     */
+    private String getAlias(String prompt) throws Exception {
+        if (prompt != null) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("Enter.prompt.alias.name."));
+            Object[] source = {prompt};
+            System.err.print(form.format(source));
+        } else {
+            System.err.print(rb.getString("Enter.alias.name."));
+        }
+        return (new BufferedReader(new InputStreamReader(
+                                        System.in))).readLine();
+    }
+
+    /**
+     * Prompts user for an input string from the command line (System.in)
+     * @prompt the prompt string printed
+     * @returns the string entered by the user, without the \n at the end
+     */
+    private String inputStringFromStdin(String prompt) throws Exception {
+        System.err.print(prompt);
+        return (new BufferedReader(new InputStreamReader(
+                                        System.in))).readLine();
+    }
+
+    /**
+     * Prompts user for key password. User may select to choose the same
+     * password (<code>otherKeyPass</code>) as for <code>otherAlias</code>.
+     */
+    private char[] getKeyPasswd(String alias, String otherAlias,
+                                char[] otherKeyPass)
+        throws Exception
+    {
+        int count = 0;
+        char[] keyPass = null;
+
+        do {
+            if (otherKeyPass != null) {
+                MessageFormat form = new MessageFormat(rb.getString
+                        ("Enter.key.password.for.alias."));
+                Object[] source = {alias};
+                System.err.println(form.format(source));
+
+                form = new MessageFormat(rb.getString
+                        (".RETURN.if.same.as.for.otherAlias."));
+                Object[] src = {otherAlias};
+                System.err.print(form.format(src));
+            } else {
+                MessageFormat form = new MessageFormat(rb.getString
+                        ("Enter.key.password.for.alias."));
+                Object[] source = {alias};
+                System.err.print(form.format(source));
+            }
+            System.err.flush();
+            keyPass = Password.readPassword(System.in);
+            passwords.add(keyPass);
+            if (keyPass == null) {
+                keyPass = otherKeyPass;
+            }
+            count++;
+        } while ((keyPass == null) && count < 3);
+
+        if (keyPass == null) {
+            throw new Exception(rb.getString("Too.many.failures.try.later"));
+        }
+
+        return keyPass;
+    }
+
+    /**
+     * Prints a certificate in a human readable format.
+     */
+    private void printX509Cert(X509Certificate cert, PrintStream out)
+        throws Exception
+    {
+        /*
+        out.println("Owner: "
+                    + cert.getSubjectDN().toString()
+                    + "\n"
+                    + "Issuer: "
+                    + cert.getIssuerDN().toString()
+                    + "\n"
+                    + "Serial number: " + cert.getSerialNumber().toString(16)
+                    + "\n"
+                    + "Valid from: " + cert.getNotBefore().toString()
+                    + " until: " + cert.getNotAfter().toString()
+                    + "\n"
+                    + "Certificate fingerprints:\n"
+                    + "\t MD5:  " + getCertFingerPrint("MD5", cert)
+                    + "\n"
+                    + "\t SHA1: " + getCertFingerPrint("SHA1", cert));
+        */
+
+        MessageFormat form = new MessageFormat
+                (rb.getString(".PATTERN.printX509Cert"));
+        Object[] source = {cert.getSubjectDN().toString(),
+                        cert.getIssuerDN().toString(),
+                        cert.getSerialNumber().toString(16),
+                        cert.getNotBefore().toString(),
+                        cert.getNotAfter().toString(),
+                        getCertFingerPrint("MD5", cert),
+                        getCertFingerPrint("SHA1", cert),
+                        getCertFingerPrint("SHA-256", cert),
+                        cert.getSigAlgName(),
+                        cert.getVersion()
+                        };
+        out.println(form.format(source));
+
+        if (cert instanceof X509CertImpl) {
+            X509CertImpl impl = (X509CertImpl)cert;
+            X509CertInfo certInfo = (X509CertInfo)impl.get(X509CertImpl.NAME
+                                                           + "." +
+                                                           X509CertImpl.INFO);
+            CertificateExtensions exts = (CertificateExtensions)
+                    certInfo.get(X509CertInfo.EXTENSIONS);
+            if (exts != null) {
+                printExtensions(rb.getString("Extensions."), exts, out);
+            }
+        }
+    }
+
+    private static void printExtensions(String title, CertificateExtensions exts, PrintStream out)
+            throws Exception {
+        int extnum = 0;
+        Iterator<Extension> i1 = exts.getAllExtensions().iterator();
+        Iterator<Extension> i2 = exts.getUnparseableExtensions().values().iterator();
+        while (i1.hasNext() || i2.hasNext()) {
+            Extension ext = i1.hasNext()?i1.next():i2.next();
+            if (extnum == 0) {
+                out.println();
+                out.println(title);
+                out.println();
+            }
+            out.print("#"+(++extnum)+": "+ ext);
+            if (ext.getClass() == Extension.class) {
+                byte[] v = ext.getExtensionValue();
+                if (v.length == 0) {
+                    out.println(rb.getString(".Empty.value."));
+                } else {
+                    new sun.misc.HexDumpEncoder().encodeBuffer(ext.getExtensionValue(), out);
+                    out.println();
+                }
+            }
+            out.println();
+        }
+    }
+
+    /**
+     * Returns true if the certificate is self-signed, false otherwise.
+     */
+    private boolean isSelfSigned(X509Certificate cert) {
+        return signedBy(cert, cert);
+    }
+
+    private boolean signedBy(X509Certificate end, X509Certificate ca) {
+        if (!ca.getSubjectDN().equals(end.getIssuerDN())) {
+            return false;
+        }
+        try {
+            end.verify(ca.getPublicKey());
+            return true;
+        } catch (Exception e) {
+            return false;
+        }
+    }
+
+    /**
+     * Locates a signer for a given certificate from a given keystore and
+     * returns the signer's certificate.
+     * @param cert the certificate whose signer is searched, not null
+     * @param ks the keystore to search with, not null
+     * @return <code>cert</code> itself if it's already inside <code>ks</code>,
+     * or a certificate inside <code>ks</code> who signs <code>cert</code>,
+     * or null otherwise.
+     */
+    private static Certificate getTrustedSigner(Certificate cert, KeyStore ks)
+            throws Exception {
+        if (ks.getCertificateAlias(cert) != null) {
+            return cert;
+        }
+        for (Enumeration<String> aliases = ks.aliases();
+                aliases.hasMoreElements(); ) {
+            String name = aliases.nextElement();
+            Certificate trustedCert = ks.getCertificate(name);
+            if (trustedCert != null) {
+                try {
+                    cert.verify(trustedCert.getPublicKey());
+                    return trustedCert;
+                } catch (Exception e) {
+                    // Not verified, skip to the next one
+                }
+            }
+        }
+        return null;
+    }
+
+    /**
+     * Gets an X.500 name suitable for inclusion in a certification request.
+     */
+    private X500Name getX500Name() throws IOException {
+        BufferedReader in;
+        in = new BufferedReader(new InputStreamReader(System.in));
+        String commonName = "Unknown";
+        String organizationalUnit = "Unknown";
+        String organization = "Unknown";
+        String city = "Unknown";
+        String state = "Unknown";
+        String country = "Unknown";
+        X500Name name;
+        String userInput = null;
+
+        int maxRetry = 20;
+        do {
+            if (maxRetry-- < 0) {
+                throw new RuntimeException(rb.getString(
+                        "Too.many.retries.program.terminated"));
+            }
+            commonName = inputString(in,
+                    rb.getString("What.is.your.first.and.last.name."),
+                    commonName);
+            organizationalUnit = inputString(in,
+                    rb.getString
+                        ("What.is.the.name.of.your.organizational.unit."),
+                    organizationalUnit);
+            organization = inputString(in,
+                    rb.getString("What.is.the.name.of.your.organization."),
+                    organization);
+            city = inputString(in,
+                    rb.getString("What.is.the.name.of.your.City.or.Locality."),
+                    city);
+            state = inputString(in,
+                    rb.getString("What.is.the.name.of.your.State.or.Province."),
+                    state);
+            country = inputString(in,
+                    rb.getString
+                        ("What.is.the.two.letter.country.code.for.this.unit."),
+                    country);
+            name = new X500Name(commonName, organizationalUnit, organization,
+                                city, state, country);
+            MessageFormat form = new MessageFormat
+                (rb.getString("Is.name.correct."));
+            Object[] source = {name};
+            userInput = inputString
+                (in, form.format(source), rb.getString("no"));
+        } while (collator.compare(userInput, rb.getString("yes")) != 0 &&
+                 collator.compare(userInput, rb.getString("y")) != 0);
+
+        System.err.println();
+        return name;
+    }
+
+    private String inputString(BufferedReader in, String prompt,
+                               String defaultValue)
+        throws IOException
+    {
+        System.err.println(prompt);
+        MessageFormat form = new MessageFormat
+                (rb.getString(".defaultValue."));
+        Object[] source = {defaultValue};
+        System.err.print(form.format(source));
+        System.err.flush();
+
+        String value = in.readLine();
+        if (value == null || collator.compare(value, "") == 0) {
+            value = defaultValue;
+        }
+        return value;
+    }
+
+    /**
+     * Writes an X.509 certificate in base64 or binary encoding to an output
+     * stream.
+     */
+    private void dumpCert(Certificate cert, PrintStream out)
+        throws IOException, CertificateException
+    {
+        if (rfc) {
+            BASE64Encoder encoder = new BASE64Encoder();
+            out.println(X509Factory.BEGIN_CERT);
+            encoder.encodeBuffer(cert.getEncoded(), out);
+            out.println(X509Factory.END_CERT);
+        } else {
+            out.write(cert.getEncoded()); // binary
+        }
+    }
+
+    /**
+     * Converts a byte to hex digit and writes to the supplied buffer
+     */
+    private void byte2hex(byte b, StringBuffer buf) {
+        char[] hexChars = { '0', '1', '2', '3', '4', '5', '6', '7', '8',
+                            '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+        int high = ((b & 0xf0) >> 4);
+        int low = (b & 0x0f);
+        buf.append(hexChars[high]);
+        buf.append(hexChars[low]);
+    }
+
+    /**
+     * Converts a byte array to hex string
+     */
+    private String toHexString(byte[] block) {
+        StringBuffer buf = new StringBuffer();
+        int len = block.length;
+        for (int i = 0; i < len; i++) {
+             byte2hex(block[i], buf);
+             if (i < len-1) {
+                 buf.append(":");
+             }
+        }
+        return buf.toString();
+    }
+
+    /**
+     * Recovers (private) key associated with given alias.
+     *
+     * @return an array of objects, where the 1st element in the array is the
+     * recovered private key, and the 2nd element is the password used to
+     * recover it.
+     */
+    private Pair<Key,char[]> recoverKey(String alias, char[] storePass,
+                                       char[] keyPass)
+        throws Exception
+    {
+        Key key = null;
+
+        if (keyStore.containsAlias(alias) == false) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("Alias.alias.does.not.exist"));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+        if (!keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class) &&
+                !keyStore.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class)) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("Alias.alias.has.no.key"));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+
+        if (keyPass == null) {
+            // Try to recover the key using the keystore password
+            try {
+                key = keyStore.getKey(alias, storePass);
+
+                keyPass = storePass;
+                passwords.add(keyPass);
+            } catch (UnrecoverableKeyException e) {
+                // Did not work out, so prompt user for key password
+                if (!token) {
+                    keyPass = getKeyPasswd(alias, null, null);
+                    key = keyStore.getKey(alias, keyPass);
+                } else {
+                    throw e;
+                }
+            }
+        } else {
+            key = keyStore.getKey(alias, keyPass);
+        }
+
+        return Pair.of(key, keyPass);
+    }
+
+    /**
+     * Recovers entry associated with given alias.
+     *
+     * @return an array of objects, where the 1st element in the array is the
+     * recovered entry, and the 2nd element is the password used to
+     * recover it (null if no password).
+     */
+    private Pair<Entry,char[]> recoverEntry(KeyStore ks,
+                            String alias,
+                            char[] pstore,
+                            char[] pkey) throws Exception {
+
+        if (ks.containsAlias(alias) == false) {
+            MessageFormat form = new MessageFormat
+                (rb.getString("Alias.alias.does.not.exist"));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+
+        PasswordProtection pp = null;
+        Entry entry;
+
+        try {
+            // First attempt to access entry without key password
+            // (PKCS11 entry or trusted certificate entry, for example)
+
+            entry = ks.getEntry(alias, pp);
+            pkey = null;
+        } catch (UnrecoverableEntryException une) {
+
+            if(P11KEYSTORE.equalsIgnoreCase(ks.getType()) ||
+                KeyStoreUtil.isWindowsKeyStore(ks.getType())) {
+                // should not happen, but a possibility
+                throw une;
+            }
+
+            // entry is protected
+
+            if (pkey != null) {
+
+                // try provided key password
+
+                pp = new PasswordProtection(pkey);
+                entry = ks.getEntry(alias, pp);
+
+            } else {
+
+                // try store pass
+
+                try {
+                    pp = new PasswordProtection(pstore);
+                    entry = ks.getEntry(alias, pp);
+                    pkey = pstore;
+                } catch (UnrecoverableEntryException une2) {
+                    if (P12KEYSTORE.equalsIgnoreCase(ks.getType())) {
+
+                        // P12 keystore currently does not support separate
+                        // store and entry passwords
+
+                        throw une2;
+                    } else {
+
+                        // prompt for entry password
+
+                        pkey = getKeyPasswd(alias, null, null);
+                        pp = new PasswordProtection(pkey);
+                        entry = ks.getEntry(alias, pp);
+                    }
+                }
+            }
+        }
+
+        return Pair.of(entry, pkey);
+    }
+    /**
+     * Gets the requested finger print of the certificate.
+     */
+    private String getCertFingerPrint(String mdAlg, Certificate cert)
+        throws Exception
+    {
+        byte[] encCertInfo = cert.getEncoded();
+        MessageDigest md = MessageDigest.getInstance(mdAlg);
+        byte[] digest = md.digest(encCertInfo);
+        return toHexString(digest);
+    }
+
+    /**
+     * Prints warning about missing integrity check.
+     */
+    private void printWarning() {
+        System.err.println();
+        System.err.println(rb.getString
+            (".WARNING.WARNING.WARNING."));
+        System.err.println(rb.getString
+            (".The.integrity.of.the.information.stored.in.your.keystore."));
+        System.err.println(rb.getString
+            (".WARNING.WARNING.WARNING."));
+        System.err.println();
+    }
+
+    /**
+     * Validates chain in certification reply, and returns the ordered
+     * elements of the chain (with user certificate first, and root
+     * certificate last in the array).
+     *
+     * @param alias the alias name
+     * @param userCert the user certificate of the alias
+     * @param replyCerts the chain provided in the reply
+     */
+    private Certificate[] validateReply(String alias,
+                                        Certificate userCert,
+                                        Certificate[] replyCerts)
+        throws Exception
+    {
+        // order the certs in the reply (bottom-up).
+        // we know that all certs in the reply are of type X.509, because
+        // we parsed them using an X.509 certificate factory
+        int i;
+        PublicKey userPubKey = userCert.getPublicKey();
+        for (i=0; i<replyCerts.length; i++) {
+            if (userPubKey.equals(replyCerts[i].getPublicKey())) {
+                break;
+            }
+        }
+        if (i == replyCerts.length) {
+            MessageFormat form = new MessageFormat(rb.getString
+                ("Certificate.reply.does.not.contain.public.key.for.alias."));
+            Object[] source = {alias};
+            throw new Exception(form.format(source));
+        }
+
+        Certificate tmpCert = replyCerts[0];
+        replyCerts[0] = replyCerts[i];
+        replyCerts[i] = tmpCert;
+
+        X509Certificate thisCert = (X509Certificate)replyCerts[0];
+
+        for (i=1; i < replyCerts.length-1; i++) {
+            // find a cert in the reply who signs thisCert
+            int j;
+            for (j=i; j<replyCerts.length; j++) {
+                if (signedBy(thisCert, (X509Certificate)replyCerts[j])) {
+                    tmpCert = replyCerts[i];
+                    replyCerts[i] = replyCerts[j];
+                    replyCerts[j] = tmpCert;
+                    thisCert = (X509Certificate)replyCerts[i];
+                    break;
+                }
+            }
+            if (j == replyCerts.length) {
+                throw new Exception
+                    (rb.getString("Incomplete.certificate.chain.in.reply"));
+            }
+        }
+
+        if (noprompt) {
+            return replyCerts;
+        }
+
+        // do we trust the cert at the top?
+        Certificate topCert = replyCerts[replyCerts.length-1];
+        Certificate root = getTrustedSigner(topCert, keyStore);
+        if (root == null && trustcacerts && caks != null) {
+            root = getTrustedSigner(topCert, caks);
+        }
+        if (root == null) {
+            System.err.println();
+            System.err.println
+                    (rb.getString("Top.level.certificate.in.reply."));
+            printX509Cert((X509Certificate)topCert, System.out);
+            System.err.println();
+            System.err.print(rb.getString(".is.not.trusted."));
+            String reply = getYesNoReply
+                    (rb.getString("Install.reply.anyway.no."));
+            if ("NO".equals(reply)) {
+                return null;
+            }
+        } else {
+            if (root != topCert) {
+                // append the root CA cert to the chain
+                Certificate[] tmpCerts =
+                    new Certificate[replyCerts.length+1];
+                System.arraycopy(replyCerts, 0, tmpCerts, 0,
+                                 replyCerts.length);
+                tmpCerts[tmpCerts.length-1] = root;
+                replyCerts = tmpCerts;
+            }
+        }
+
+        return replyCerts;
+    }
+
+    /**
+     * Establishes a certificate chain (using trusted certificates in the
+     * keystore), starting with the user certificate
+     * and ending at a self-signed certificate found in the keystore.
+     *
+     * @param userCert the user certificate of the alias
+     * @param certToVerify the single certificate provided in the reply
+     */
+    private Certificate[] establishCertChain(Certificate userCert,
+                                             Certificate certToVerify)
+        throws Exception
+    {
+        if (userCert != null) {
+            // Make sure that the public key of the certificate reply matches
+            // the original public key in the keystore
+            PublicKey origPubKey = userCert.getPublicKey();
+            PublicKey replyPubKey = certToVerify.getPublicKey();
+            if (!origPubKey.equals(replyPubKey)) {
+                throw new Exception(rb.getString
+                        ("Public.keys.in.reply.and.keystore.don.t.match"));
+            }
+
+            // If the two certs are identical, we're done: no need to import
+            // anything
+            if (certToVerify.equals(userCert)) {
+                throw new Exception(rb.getString
+                        ("Certificate.reply.and.certificate.in.keystore.are.identical"));
+            }
+        }
+
+        // Build a hash table of all certificates in the keystore.
+        // Use the subject distinguished name as the key into the hash table.
+        // All certificates associated with the same subject distinguished
+        // name are stored in the same hash table entry as a vector.
+        Hashtable<Principal, Vector<Certificate>> certs = null;
+        if (keyStore.size() > 0) {
+            certs = new Hashtable<Principal, Vector<Certificate>>(11);
+            keystorecerts2Hashtable(keyStore, certs);
+        }
+        if (trustcacerts) {
+            if (caks!=null && caks.size()>0) {
+                if (certs == null) {
+                    certs = new Hashtable<Principal, Vector<Certificate>>(11);
+                }
+                keystorecerts2Hashtable(caks, certs);
+            }
+        }
+
+        // start building chain
+        Vector<Certificate> chain = new Vector<>(2);
+        if (buildChain((X509Certificate)certToVerify, chain, certs)) {
+            Certificate[] newChain = new Certificate[chain.size()];
+            // buildChain() returns chain with self-signed root-cert first and
+            // user-cert last, so we need to invert the chain before we store
+            // it
+            int j=0;
+            for (int i=chain.size()-1; i>=0; i--) {
+                newChain[j] = chain.elementAt(i);
+                j++;
+            }
+            return newChain;
+        } else {
+            throw new Exception
+                (rb.getString("Failed.to.establish.chain.from.reply"));
+        }
+    }
+
+    /**
+     * Recursively tries to establish chain from pool of trusted certs.
+     *
+     * @param certToVerify the cert that needs to be verified.
+     * @param chain the chain that's being built.
+     * @param certs the pool of trusted certs
+     *
+     * @return true if successful, false otherwise.
+     */
+    private boolean buildChain(X509Certificate certToVerify,
+                        Vector<Certificate> chain,
+                        Hashtable<Principal, Vector<Certificate>> certs) {
+        Principal issuer = certToVerify.getIssuerDN();
+        if (isSelfSigned(certToVerify)) {
+            // reached self-signed root cert;
+            // no verification needed because it's trusted.
+            chain.addElement(certToVerify);
+            return true;
+        }
+
+        // Get the issuer's certificate(s)
+        Vector<Certificate> vec = certs.get(issuer);
+        if (vec == null) {
+            return false;
+        }
+
+        // Try out each certificate in the vector, until we find one
+        // whose public key verifies the signature of the certificate
+        // in question.
+        for (Enumeration<Certificate> issuerCerts = vec.elements();
+             issuerCerts.hasMoreElements(); ) {
+            X509Certificate issuerCert
+                = (X509Certificate)issuerCerts.nextElement();
+            PublicKey issuerPubKey = issuerCert.getPublicKey();
+            try {
+                certToVerify.verify(issuerPubKey);
+            } catch (Exception e) {
+                continue;
+            }
+            if (buildChain(issuerCert, chain, certs)) {
+                chain.addElement(certToVerify);
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * Prompts user for yes/no decision.
+     *
+     * @return the user's decision, can only be "YES" or "NO"
+     */
+    private String getYesNoReply(String prompt)
+        throws IOException
+    {
+        String reply = null;
+        int maxRetry = 20;
+        do {
+            if (maxRetry-- < 0) {
+                throw new RuntimeException(rb.getString(
+                        "Too.many.retries.program.terminated"));
+            }
+            System.err.print(prompt);
+            System.err.flush();
+            reply = (new BufferedReader(new InputStreamReader
+                                        (System.in))).readLine();
+            if (collator.compare(reply, "") == 0 ||
+                collator.compare(reply, rb.getString("n")) == 0 ||
+                collator.compare(reply, rb.getString("no")) == 0) {
+                reply = "NO";
+            } else if (collator.compare(reply, rb.getString("y")) == 0 ||
+                       collator.compare(reply, rb.getString("yes")) == 0) {
+                reply = "YES";
+            } else {
+                System.err.println(rb.getString("Wrong.answer.try.again"));
+                reply = null;
+            }
+        } while (reply == null);
+        return reply;
+    }
+
+    /**
+     * Stores the (leaf) certificates of a keystore in a hashtable.
+     * All certs belonging to the same CA are stored in a vector that
+     * in turn is stored in the hashtable, keyed by the CA's subject DN
+     */
+    private void keystorecerts2Hashtable(KeyStore ks,
+                Hashtable<Principal, Vector<Certificate>> hash)
+        throws Exception {
+
+        for (Enumeration<String> aliases = ks.aliases();
+                                        aliases.hasMoreElements(); ) {
+            String alias = aliases.nextElement();
+            Certificate cert = ks.getCertificate(alias);
+            if (cert != null) {
+                Principal subjectDN = ((X509Certificate)cert).getSubjectDN();
+                Vector<Certificate> vec = hash.get(subjectDN);
+                if (vec == null) {
+                    vec = new Vector<Certificate>();
+                    vec.addElement(cert);
+                } else {
+                    if (!vec.contains(cert)) {
+                        vec.addElement(cert);
+                    }
+                }
+                hash.put(subjectDN, vec);
+            }
+        }
+    }
+
+    /**
+     * Returns the issue time that's specified the -startdate option
+     * @param s the value of -startdate option
+     */
+    private static Date getStartDate(String s) throws IOException {
+        Calendar c = new GregorianCalendar();
+        if (s != null) {
+            IOException ioe = new IOException(
+                    rb.getString("Illegal.startdate.value"));
+            int len = s.length();
+            if (len == 0) {
+                throw ioe;
+            }
+            if (s.charAt(0) == '-' || s.charAt(0) == '+') {
+                // Form 1: ([+-]nnn[ymdHMS])+
+                int start = 0;
+                while (start < len) {
+                    int sign = 0;
+                    switch (s.charAt(start)) {
+                        case '+': sign = 1; break;
+                        case '-': sign = -1; break;
+                        default: throw ioe;
+                    }
+                    int i = start+1;
+                    for (; i<len; i++) {
+                        char ch = s.charAt(i);
+                        if (ch < '0' || ch > '9') break;
+                    }
+                    if (i == start+1) throw ioe;
+                    int number = Integer.parseInt(s.substring(start+1, i));
+                    if (i >= len) throw ioe;
+                    int unit = 0;
+                    switch (s.charAt(i)) {
+                        case 'y': unit = Calendar.YEAR; break;
+                        case 'm': unit = Calendar.MONTH; break;
+                        case 'd': unit = Calendar.DATE; break;
+                        case 'H': unit = Calendar.HOUR; break;
+                        case 'M': unit = Calendar.MINUTE; break;
+                        case 'S': unit = Calendar.SECOND; break;
+                        default: throw ioe;
+                    }
+                    c.add(unit, sign * number);
+                    start = i + 1;
+                }
+            } else  {
+                // Form 2: [yyyy/mm/dd] [HH:MM:SS]
+                String date = null, time = null;
+                if (len == 19) {
+                    date = s.substring(0, 10);
+                    time = s.substring(11);
+                    if (s.charAt(10) != ' ')
+                        throw ioe;
+                } else if (len == 10) {
+                    date = s;
+                } else if (len == 8) {
+                    time = s;
+                } else {
+                    throw ioe;
+                }
+                if (date != null) {
+                    if (date.matches("\\d\\d\\d\\d\\/\\d\\d\\/\\d\\d")) {
+                        c.set(Integer.valueOf(date.substring(0, 4)),
+                                Integer.valueOf(date.substring(5, 7))-1,
+                                Integer.valueOf(date.substring(8, 10)));
+                    } else {
+                        throw ioe;
+                    }
+                }
+                if (time != null) {
+                    if (time.matches("\\d\\d:\\d\\d:\\d\\d")) {
+                        c.set(Calendar.HOUR_OF_DAY, Integer.valueOf(time.substring(0, 2)));
+                        c.set(Calendar.MINUTE, Integer.valueOf(time.substring(0, 2)));
+                        c.set(Calendar.SECOND, Integer.valueOf(time.substring(0, 2)));
+                        c.set(Calendar.MILLISECOND, 0);
+                    } else {
+                        throw ioe;
+                    }
+                }
+            }
+        }
+        return c.getTime();
+    }
+
+    /**
+     * Match a command (may be abbreviated) with a command set.
+     * @param s the command provided
+     * @param list the legal command set. If there is a null, commands after it
+     * are regarded experimental, which means they are supported but their
+     * existence should not be revealed to user.
+     * @return the position of a single match, or -1 if none matched
+     * @throws Exception if s is ambiguous
+     */
+    private static int oneOf(String s, String... list) throws Exception {
+        int[] match = new int[list.length];
+        int nmatch = 0;
+        int experiment = Integer.MAX_VALUE;
+        for (int i = 0; i<list.length; i++) {
+            String one = list[i];
+            if (one == null) {
+                experiment = i;
+                continue;
+            }
+            if (one.toLowerCase(Locale.ENGLISH)
+                    .startsWith(s.toLowerCase(Locale.ENGLISH))) {
+                match[nmatch++] = i;
+            } else {
+                StringBuffer sb = new StringBuffer();
+                boolean first = true;
+                for (char c: one.toCharArray()) {
+                    if (first) {
+                        sb.append(c);
+                        first = false;
+                    } else {
+                        if (!Character.isLowerCase(c)) {
+                            sb.append(c);
+                        }
+                    }
+                }
+                if (sb.toString().equalsIgnoreCase(s)) {
+                    match[nmatch++] = i;
+                }
+            }
+        }
+        if (nmatch == 0) {
+            return -1;
+        } else if (nmatch == 1) {
+            return match[0];
+        } else {
+            // If multiple matches is in experimental commands, ignore them
+            if (match[1] > experiment) {
+                return match[0];
+            }
+            StringBuffer sb = new StringBuffer();
+            MessageFormat form = new MessageFormat(rb.getString
+                ("command.{0}.is.ambiguous."));
+            Object[] source = {s};
+            sb.append(form.format(source));
+            sb.append("\n    ");
+            for (int i=0; i<nmatch && match[i]<experiment; i++) {
+                sb.append(' ');
+                sb.append(list[match[i]]);
+            }
+            throw new Exception(sb.toString());
+        }
+    }
+
+    /**
+     * Create a GeneralName object from known types
+     * @param t one of 5 known types
+     * @param v value
+     * @return which one
+     */
+    private GeneralName createGeneralName(String t, String v)
+            throws Exception {
+        GeneralNameInterface gn;
+        int p = oneOf(t, "EMAIL", "URI", "DNS", "IP", "OID");
+        if (p < 0) {
+            throw new Exception(rb.getString(
+                    "Unrecognized.GeneralName.type.") + t);
+        }
+        switch (p) {
+            case 0: gn = new RFC822Name(v); break;
+            case 1: gn = new URIName(v); break;
+            case 2: gn = new DNSName(v); break;
+            case 3: gn = new IPAddressName(v); break;
+            default: gn = new OIDName(v); break; //4
+        }
+        return new GeneralName(gn);
+    }
+
+    private static final String[] extSupported = {
+                        "BasicConstraints",
+                        "KeyUsage",
+                        "ExtendedKeyUsage",
+                        "SubjectAlternativeName",
+                        "IssuerAlternativeName",
+                        "SubjectInfoAccess",
+                        "AuthorityInfoAccess",
+                        null,
+                        "CRLDistributionPoints",
+    };
+
+    private ObjectIdentifier findOidForExtName(String type)
+            throws Exception {
+        switch (oneOf(type, extSupported)) {
+            case 0: return PKIXExtensions.BasicConstraints_Id;
+            case 1: return PKIXExtensions.KeyUsage_Id;
+            case 2: return PKIXExtensions.ExtendedKeyUsage_Id;
+            case 3: return PKIXExtensions.SubjectAlternativeName_Id;
+            case 4: return PKIXExtensions.IssuerAlternativeName_Id;
+            case 5: return PKIXExtensions.SubjectInfoAccess_Id;
+            case 6: return PKIXExtensions.AuthInfoAccess_Id;
+            case 8: return PKIXExtensions.CRLDistributionPoints_Id;
+            default: return new ObjectIdentifier(type);
+        }
+    }
+
+    /**
+     * Create X509v3 extensions from a string representation. Note that the
+     * SubjectKeyIdentifierExtension will always be created non-critical besides
+     * the extension requested in the <code>extstr</code> argument.
+     *
+     * @param reqex the requested extensions, can be null, used for -gencert
+     * @param ext the original extensions, can be null, used for -selfcert
+     * @param extstrs -ext values, Read keytool doc
+     * @param pkey the public key for the certificate
+     * @param akey the public key for the authority (issuer)
+     * @return the created CertificateExtensions
+     */
+    private CertificateExtensions createV3Extensions(
+            CertificateExtensions reqex,
+            CertificateExtensions ext,
+            List <String> extstrs,
+            PublicKey pkey,
+            PublicKey akey) throws Exception {
+
+        if (ext != null && reqex != null) {
+            // This should not happen
+            throw new Exception("One of request and original should be null.");
+        }
+        if (ext == null) ext = new CertificateExtensions();
+        try {
+            // name{:critical}{=value}
+            // Honoring requested extensions
+            if (reqex != null) {
+                for(String extstr: extstrs) {
+                    if (extstr.toLowerCase(Locale.ENGLISH).startsWith("honored=")) {
+                        List<String> list = Arrays.asList(
+                                extstr.toLowerCase(Locale.ENGLISH).substring(8).split(","));
+                        // First check existence of "all"
+                        if (list.contains("all")) {
+                            ext = reqex;    // we know ext was null
+                        }
+                        // one by one for others
+                        for (String item: list) {
+                            if (item.equals("all")) continue;
+
+                            // add or remove
+                            boolean add = true;
+                            // -1, unchanged, 0 crtical, 1 non-critical
+                            int action = -1;
+                            String type = null;
+                            if (item.startsWith("-")) {
+                                add = false;
+                                type = item.substring(1);
+                            } else {
+                                int colonpos = item.indexOf(':');
+                                if (colonpos >= 0) {
+                                    type = item.substring(0, colonpos);
+                                    action = oneOf(item.substring(colonpos+1),
+                                            "critical", "non-critical");
+                                    if (action == -1) {
+                                        throw new Exception(rb.getString
+                                            ("Illegal.value.") + item);
+                                    }
+                                }
+                            }
+                            String n = reqex.getNameByOid(findOidForExtName(type));
+                            if (add) {
+                                Extension e = reqex.get(n);
+                                if (!e.isCritical() && action == 0
+                                        || e.isCritical() && action == 1) {
+                                    e = Extension.newExtension(
+                                            e.getExtensionId(),
+                                            !e.isCritical(),
+                                            e.getExtensionValue());
+                                    ext.set(n, e);
+                                }
+                            } else {
+                                ext.delete(n);
+                            }
+                        }
+                        break;
+                    }
+                }
+            }
+            for(String extstr: extstrs) {
+                String name, value;
+                boolean isCritical = false;
+
+                int eqpos = extstr.indexOf('=');
+                if (eqpos >= 0) {
+                    name = extstr.substring(0, eqpos);
+                    value = extstr.substring(eqpos+1);
+                } else {
+                    name = extstr;
+                    value = null;
+                }
+
+                int colonpos = name.indexOf(':');
+                if (colonpos >= 0) {
+                    if (oneOf(name.substring(colonpos+1), "critical") == 0) {
+                        isCritical = true;
+                    }
+                    name = name.substring(0, colonpos);
+                }
+
+                if (name.equalsIgnoreCase("honored")) {
+                    continue;
+                }
+                int exttype = oneOf(name, extSupported);
+                switch (exttype) {
+                    case 0:     // BC
+                        int pathLen = -1;
+                        boolean isCA = false;
+                        if (value == null) {
+                            isCA = true;
+                        } else {
+                            try {   // the abbr format
+                                pathLen = Integer.parseInt(value);
+                                isCA = true;
+                            } catch (NumberFormatException ufe) {
+                                // ca:true,pathlen:1
+                                for (String part: value.split(",")) {
+                                    String[] nv = part.split(":");
+                                    if (nv.length != 2) {
+                                        throw new Exception(rb.getString
+                                                ("Illegal.value.") + extstr);
+                                    } else {
+                                        if (nv[0].equalsIgnoreCase("ca")) {
+                                            isCA = Boolean.parseBoolean(nv[1]);
+                                        } else if (nv[0].equalsIgnoreCase("pathlen")) {
+                                            pathLen = Integer.parseInt(nv[1]);
+                                        } else {
+                                            throw new Exception(rb.getString
+                                                ("Illegal.value.") + extstr);
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                        ext.set(BasicConstraintsExtension.NAME,
+                                new BasicConstraintsExtension(isCritical, isCA,
+                                pathLen));
+                        break;
+                    case 1:     // KU
+                        if(value != null) {
+                            boolean[] ok = new boolean[9];
+                            for (String s: value.split(",")) {
+                                int p = oneOf(s,
+                                       "digitalSignature",  // (0),
+                                       "nonRepudiation",    // (1)
+                                       "keyEncipherment",   // (2),
+                                       "dataEncipherment",  // (3),
+                                       "keyAgreement",      // (4),
+                                       "keyCertSign",       // (5),
+                                       "cRLSign",           // (6),
+                                       "encipherOnly",      // (7),
+                                       "decipherOnly",      // (8)
+                                       "contentCommitment"  // also (1)
+                                       );
+                                if (p < 0) {
+                                    throw new Exception(rb.getString("Unknown.keyUsage.type.") + s);
+                                }
+                                if (p == 9) p = 1;
+                                ok[p] = true;
+                            }
+                            KeyUsageExtension kue = new KeyUsageExtension(ok);
+                            // The above KeyUsageExtension constructor does not
+                            // allow isCritical value, so...
+                            ext.set(KeyUsageExtension.NAME, Extension.newExtension(
+                                    kue.getExtensionId(),
+                                    isCritical,
+                                    kue.getExtensionValue()));
+                        } else {
+                            throw new Exception(rb.getString
+                                    ("Illegal.value.") + extstr);
+                        }
+                        break;
+                    case 2:     // EKU
+                        if(value != null) {
+                            Vector<ObjectIdentifier> v = new Vector<>();
+                            for (String s: value.split(",")) {
+                                int p = oneOf(s,
+                                        "anyExtendedKeyUsage",
+                                        "serverAuth",       //1
+                                        "clientAuth",       //2
+                                        "codeSigning",      //3
+                                        "emailProtection",  //4
+                                        "",                 //5
+                                        "",                 //6
+                                        "",                 //7
+                                        "timeStamping",     //8
+                                        "OCSPSigning"       //9
+                                       );
+                                if (p < 0) {
+                                    try {
+                                        v.add(new ObjectIdentifier(s));
+                                    } catch (Exception e) {
+                                        throw new Exception(rb.getString(
+                                                "Unknown.extendedkeyUsage.type.") + s);
+                                    }
+                                } else if (p == 0) {
+                                    v.add(new ObjectIdentifier("2.5.29.37.0"));
+                                } else {
+                                    v.add(new ObjectIdentifier("1.3.6.1.5.5.7.3." + p));
+                                }
+                            }
+                            ext.set(ExtendedKeyUsageExtension.NAME,
+                                    new ExtendedKeyUsageExtension(isCritical, v));
+                        } else {
+                            throw new Exception(rb.getString
+                                    ("Illegal.value.") + extstr);
+                        }
+                        break;
+                    case 3:     // SAN
+                    case 4:     // IAN
+                        if(value != null) {
+                            String[] ps = value.split(",");
+                            GeneralNames gnames = new GeneralNames();
+                            for(String item: ps) {
+                                colonpos = item.indexOf(':');
+                                if (colonpos < 0) {
+                                    throw new Exception("Illegal item " + item + " in " + extstr);
+                                }
+                                String t = item.substring(0, colonpos);
+                                String v = item.substring(colonpos+1);
+                                gnames.add(createGeneralName(t, v));
+                            }
+                            if (exttype == 3) {
+                                ext.set(SubjectAlternativeNameExtension.NAME,
+                                        new SubjectAlternativeNameExtension(
+                                            isCritical, gnames));
+                            } else {
+                                ext.set(IssuerAlternativeNameExtension.NAME,
+                                        new IssuerAlternativeNameExtension(
+                                            isCritical, gnames));
+                            }
+                        } else {
+                            throw new Exception(rb.getString
+                                    ("Illegal.value.") + extstr);
+                        }
+                        break;
+                    case 5:     // SIA, always non-critical
+                    case 6:     // AIA, always non-critical
+                        if (isCritical) {
+                            throw new Exception(rb.getString(
+                                    "This.extension.cannot.be.marked.as.critical.") + extstr);
+                        }
+                        if(value != null) {
+                            List<AccessDescription> accessDescriptions =
+                                    new ArrayList<>();
+                            String[] ps = value.split(",");
+                            for(String item: ps) {
+                                colonpos = item.indexOf(':');
+                                int colonpos2 = item.indexOf(':', colonpos+1);
+                                if (colonpos < 0 || colonpos2 < 0) {
+                                    throw new Exception(rb.getString
+                                            ("Illegal.value.") + extstr);
+                                }
+                                String m = item.substring(0, colonpos);
+                                String t = item.substring(colonpos+1, colonpos2);
+                                String v = item.substring(colonpos2+1);
+                                int p = oneOf(m,
+                                        "",
+                                        "ocsp",         //1
+                                        "caIssuers",    //2
+                                        "timeStamping", //3
+                                        "",
+                                        "caRepository"  //5
+                                        );
+                                ObjectIdentifier oid;
+                                if (p < 0) {
+                                    try {
+                                        oid = new ObjectIdentifier(m);
+                                    } catch (Exception e) {
+                                        throw new Exception(rb.getString(
+                                                "Unknown.AccessDescription.type.") + m);
+                                    }
+                                } else {
+                                    oid = new ObjectIdentifier("1.3.6.1.5.5.7.48." + p);
+                                }
+                                accessDescriptions.add(new AccessDescription(
+                                        oid, createGeneralName(t, v)));
+                            }
+                            if (exttype == 5) {
+                                ext.set(SubjectInfoAccessExtension.NAME,
+                                        new SubjectInfoAccessExtension(accessDescriptions));
+                            } else {
+                                ext.set(AuthorityInfoAccessExtension.NAME,
+                                        new AuthorityInfoAccessExtension(accessDescriptions));
+                            }
+                        } else {
+                            throw new Exception(rb.getString
+                                    ("Illegal.value.") + extstr);
+                        }
+                        break;
+                    case 8: // CRL, experimental, only support 1 distributionpoint
+                        if(value != null) {
+                            String[] ps = value.split(",");
+                            GeneralNames gnames = new GeneralNames();
+                            for(String item: ps) {
+                                colonpos = item.indexOf(':');
+                                if (colonpos < 0) {
+                                    throw new Exception("Illegal item " + item + " in " + extstr);
+                                }
+                                String t = item.substring(0, colonpos);
+                                String v = item.substring(colonpos+1);
+                                gnames.add(createGeneralName(t, v));
+                            }
+                            ext.set(CRLDistributionPointsExtension.NAME,
+                                    new CRLDistributionPointsExtension(
+                                        isCritical, Collections.singletonList(
+                                        new DistributionPoint(gnames, null, null))));
+                        } else {
+                            throw new Exception(rb.getString
+                                    ("Illegal.value.") + extstr);
+                        }
+                        break;
+                    case -1:
+                        ObjectIdentifier oid = new ObjectIdentifier(name);
+                        byte[] data = null;
+                        if (value != null) {
+                            data = new byte[value.length() / 2 + 1];
+                            int pos = 0;
+                            for (char c: value.toCharArray()) {
+                                int hex;
+                                if (c >= '0' && c <= '9') {
+                                    hex = c - '0' ;
+                                } else if (c >= 'A' && c <= 'F') {
+                                    hex = c - 'A' + 10;
+                                } else if (c >= 'a' && c <= 'f') {
+                                    hex = c - 'a' + 10;
+                                } else {
+                                    continue;
+                                }
+                                if (pos % 2 == 0) {
+                                    data[pos/2] = (byte)(hex << 4);
+                                } else {
+                                    data[pos/2] += hex;
+                                }
+                                pos++;
+                            }
+                            if (pos % 2 != 0) {
+                                throw new Exception(rb.getString(
+                                        "Odd.number.of.hex.digits.found.") + extstr);
+                            }
+                            data = Arrays.copyOf(data, pos/2);
+                        } else {
+                            data = new byte[0];
+                        }
+                        ext.set(oid.toString(), new Extension(oid, isCritical,
+                                new DerValue(DerValue.tag_OctetString, data)
+                                        .toByteArray()));
+                        break;
+                    default:
+                        throw new Exception(rb.getString(
+                                "Unknown.extension.type.") + extstr);
+                }
+            }
+            // always non-critical
+            ext.set(SubjectKeyIdentifierExtension.NAME,
+                    new SubjectKeyIdentifierExtension(
+                        new KeyIdentifier(pkey).getIdentifier()));
+            if (akey != null && !pkey.equals(akey)) {
+                ext.set(AuthorityKeyIdentifierExtension.NAME,
+                        new AuthorityKeyIdentifierExtension(
+                        new KeyIdentifier(akey), null, null));
+            }
+        } catch(IOException e) {
+            throw new RuntimeException(e);
+        }
+        return ext;
+    }
+
+    /**
+     * Prints the usage of this tool.
+     */
+    private void usage() {
+        if (command != null) {
+            System.err.println("keytool " + command +
+                    rb.getString(".OPTION."));
+            System.err.println();
+            System.err.println(rb.getString(command.description));
+            System.err.println();
+            System.err.println(rb.getString("Options."));
+            System.err.println();
+
+            // Left and right sides of the options list
+            String[] left = new String[command.options.length];
+            String[] right = new String[command.options.length];
+
+            // Check if there's an unknown option
+            boolean found = false;
+
+            // Length of left side of options list
+            int lenLeft = 0;
+            for (int j=0; j<left.length; j++) {
+                Option opt = command.options[j];
+                left[j] = opt.toString();
+                if (opt.arg != null) left[j] += " " + opt.arg;
+                if (left[j].length() > lenLeft) {
+                    lenLeft = left[j].length();
+                }
+                right[j] = rb.getString(opt.description);
+            }
+            for (int j=0; j<left.length; j++) {
+                System.err.printf(" %-" + lenLeft + "s  %s\n",
+                        left[j], right[j]);
+            }
+            System.err.println();
+            System.err.println(rb.getString(
+                    "Use.keytool.help.for.all.available.commands"));
+        } else {
+            System.err.println(rb.getString(
+                    "Key.and.Certificate.Management.Tool"));
+            System.err.println();
+            System.err.println(rb.getString("Commands."));
+            System.err.println();
+            for (Command c: Command.values()) {
+                if (c == KEYCLONE) break;
+                System.err.printf(" %-20s%s\n", c, rb.getString(c.description));
+            }
+            System.err.println();
+            System.err.println(rb.getString(
+                    "Use.keytool.command.name.help.for.usage.of.command.name"));
+        }
+    }
+
+    private void tinyHelp() {
+        usage();
+        if (debug) {
+            throw new RuntimeException("NO BIG ERROR, SORRY");
+        } else {
+            System.exit(1);
+        }
+    }
+
+    private void errorNeedArgument(String flag) {
+        Object[] source = {flag};
+        System.err.println(new MessageFormat(
+                rb.getString("Command.option.flag.needs.an.argument.")).format(source));
+        tinyHelp();
+    }
+
+    private char[] getPass(String modifier, String arg) {
+        char[] output = KeyStoreUtil.getPassWithModifier(modifier, arg, rb);
+        if (output != null) return output;
+        tinyHelp();
+        return null;    // Useless, tinyHelp() already exits.
+    }
+}
+
+// This class is exactly the same as com.sun.tools.javac.util.Pair,
+// it's copied here since the original one is not included in JRE.
+class Pair<A, B> {
+
+    public final A fst;
+    public final B snd;
+
+    public Pair(A fst, B snd) {
+        this.fst = fst;
+        this.snd = snd;
+    }
+
+    public String toString() {
+        return "Pair[" + fst + "," + snd + "]";
+    }
+
+    public boolean equals(Object other) {
+        return
+            other instanceof Pair &&
+            Objects.equals(fst, ((Pair)other).fst) &&
+            Objects.equals(snd, ((Pair)other).snd);
+    }
+
+    public int hashCode() {
+        if (fst == null) return (snd == null) ? 0 : snd.hashCode() + 1;
+        else if (snd == null) return fst.hashCode() + 2;
+        else return fst.hashCode() * 17 + snd.hashCode();
+    }
+
+    public static <A,B> Pair<A,B> of(A a, B b) {
+        return new Pair<>(a,b);
+    }
+}
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Resources.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,438 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the keytool.
+ *
+ */
+public class Resources extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"STAR",
+                "*******************************************"},
+        {"STARNN",
+                "*******************************************\n\n"},
+
+        // keytool: Help part
+        {".OPTION.", " [OPTION]..."},
+        {"Options.", "Options:"},
+        {"Use.keytool.help.for.all.available.commands",
+                 "Use \"keytool -help\" for all available commands"},
+        {"Key.and.Certificate.Management.Tool",
+                 "Key and Certificate Management Tool"},
+        {"Commands.", "Commands:"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
+                "Use \"keytool -command_name -help\" for usage of command_name"},
+        // keytool: help: commands
+        {"Generates.a.certificate.request",
+                "Generates a certificate request"}, //-certreq
+        {"Changes.an.entry.s.alias",
+                "Changes an entry's alias"}, //-changealias
+        {"Deletes.an.entry",
+                "Deletes an entry"}, //-delete
+        {"Exports.certificate",
+                "Exports certificate"}, //-exportcert
+        {"Generates.a.key.pair",
+                "Generates a key pair"}, //-genkeypair
+        {"Generates.a.secret.key",
+                "Generates a secret key"}, //-genseckey
+        {"Generates.certificate.from.a.certificate.request",
+                "Generates certificate from a certificate request"}, //-gencert
+        {"Generates.CRL", "Generates CRL"}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+                "Imports entries from a JDK 1.1.x-style identity database"}, //-identitydb
+        {"Imports.a.certificate.or.a.certificate.chain",
+                "Imports a certificate or a certificate chain"}, //-importcert
+        {"Imports.one.or.all.entries.from.another.keystore",
+                "Imports one or all entries from another keystore"}, //-importkeystore
+        {"Clones.a.key.entry",
+                "Clones a key entry"}, //-keyclone
+        {"Changes.the.key.password.of.an.entry",
+                "Changes the key password of an entry"}, //-keypasswd
+        {"Lists.entries.in.a.keystore",
+                "Lists entries in a keystore"}, //-list
+        {"Prints.the.content.of.a.certificate",
+                "Prints the content of a certificate"}, //-printcert
+        {"Prints.the.content.of.a.certificate.request",
+                "Prints the content of a certificate request"}, //-printcertreq
+        {"Prints.the.content.of.a.CRL.file",
+                "Prints the content of a CRL file"}, //-printcrl
+        {"Generates.a.self.signed.certificate",
+                "Generates a self-signed certificate"}, //-selfcert
+        {"Changes.the.store.password.of.a.keystore",
+                "Changes the store password of a keystore"}, //-storepasswd
+        // keytool: help: options
+        {"alias.name.of.the.entry.to.process",
+                "alias name of the entry to process"}, //-alias
+        {"destination.alias",
+                "destination alias"}, //-destalias
+        {"destination.key.password",
+                "destination key password"}, //-destkeypass
+        {"destination.keystore.name",
+                "destination keystore name"}, //-destkeystore
+        {"destination.keystore.password.protected",
+                "destination keystore password protected"}, //-destprotected
+        {"destination.keystore.provider.name",
+                "destination keystore provider name"}, //-destprovidername
+        {"destination.keystore.password",
+                "destination keystore password"}, //-deststorepass
+        {"destination.keystore.type",
+                "destination keystore type"}, //-deststoretype
+        {"distinguished.name",
+                "distinguished name"}, //-dname
+        {"X.509.extension",
+                "X.509 extension"}, //-ext
+        {"output.file.name",
+                "output file name"}, //-file and -outfile
+        {"input.file.name",
+                "input file name"}, //-file and -infile
+        {"key.algorithm.name",
+                "key algorithm name"}, //-keyalg
+        {"key.password",
+                "key password"}, //-keypass
+        {"key.bit.size",
+                "key bit size"}, //-keysize
+        {"keystore.name",
+                "keystore name"}, //-keystore
+        {"new.password",
+                "new password"}, //-new
+        {"do.not.prompt",
+                "do not prompt"}, //-noprompt
+        {"password.through.protected.mechanism",
+                "password through protected mechanism"}, //-protected
+        {"provider.argument",
+                "provider argument"}, //-providerarg
+        {"provider.class.name",
+                "provider class name"}, //-providerclass
+        {"provider.name",
+                "provider name"}, //-providername
+        {"provider.classpath",
+                "provider classpath"}, //-providerpath
+        {"output.in.RFC.style",
+                "output in RFC style"}, //-rfc
+        {"signature.algorithm.name",
+                "signature algorithm name"}, //-sigalg
+        {"source.alias",
+                "source alias"}, //-srcalias
+        {"source.key.password",
+                "source key password"}, //-srckeypass
+        {"source.keystore.name",
+                "source keystore name"}, //-srckeystore
+        {"source.keystore.password.protected",
+                "source keystore password protected"}, //-srcprotected
+        {"source.keystore.provider.name",
+                "source keystore provider name"}, //-srcprovidername
+        {"source.keystore.password",
+                "source keystore password"}, //-srcstorepass
+        {"source.keystore.type",
+                "source keystore type"}, //-srcstoretype
+        {"SSL.server.host.and.port",
+                "SSL server host and port"}, //-sslserver
+        {"signed.jar.file",
+                "signed jar file"}, //=jarfile
+        {"certificate.validity.start.date.time",
+                "certificate validity start date/time"}, //-startdate
+        {"keystore.password",
+                "keystore password"}, //-storepass
+        {"keystore.type",
+                "keystore type"}, //-storetype
+        {"trust.certificates.from.cacerts",
+                "trust certificates from cacerts"}, //-trustcacerts
+        {"verbose.output",
+                "verbose output"}, //-v
+        {"validity.number.of.days",
+                "validity number of days"}, //-validity
+        {"Serial.ID.of.cert.to.revoke",
+                 "Serial ID of cert to revoke"}, //-id
+        // keytool: Running part
+        {"keytool.error.", "keytool error: "},
+        {"Illegal.option.", "Illegal option:  "},
+        {"Illegal.value.", "Illegal value: "},
+        {"Unknown.password.type.", "Unknown password type: "},
+        {"Cannot.find.environment.variable.",
+                "Cannot find environment variable: "},
+        {"Cannot.find.file.", "Cannot find file: "},
+        {"Command.option.flag.needs.an.argument.", "Command option {0} needs an argument."},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
+                "Warning:  Different store and key passwords not supported for PKCS12 KeyStores. Ignoring user-specified {0} value."},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "-keystore must be NONE if -storetype is {0}"},
+        {"Too.many.retries.program.terminated",
+                 "Too many retries, program terminated"},
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
+                "-storepasswd and -keypasswd commands not supported if -storetype is {0}"},
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
+                "-keypasswd commands not supported if -storetype is PKCS12"},
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
+                "-keypass and -new can not be specified if -storetype is {0}"},
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
+                "if -protected is specified, then -storepass, -keypass, and -new must not be specified"},
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "if -srcprotected is specified, then -srcstorepass and -srckeypass must not be specified"},
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
+                "if keystore is not password protected, then -storepass, -keypass, and -new must not be specified"},
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "if source keystore is not password protected, then -srcstorepass and -srckeypass must not be specified"},
+        {"Illegal.startdate.value", "Illegal startdate value"},
+        {"Validity.must.be.greater.than.zero",
+                "Validity must be greater than zero"},
+        {"provName.not.a.provider", "{0} not a provider"},
+        {"Usage.error.no.command.provided", "Usage error: no command provided"},
+        {"Source.keystore.file.exists.but.is.empty.", "Source keystore file exists, but is empty: "},
+        {"Please.specify.srckeystore", "Please specify -srckeystore"},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
+                "Must not specify both -v and -rfc with 'list' command"},
+        {"Key.password.must.be.at.least.6.characters",
+                "Key password must be at least 6 characters"},
+        {"New.password.must.be.at.least.6.characters",
+                "New password must be at least 6 characters"},
+        {"Keystore.file.exists.but.is.empty.",
+                "Keystore file exists, but is empty: "},
+        {"Keystore.file.does.not.exist.",
+                "Keystore file does not exist: "},
+        {"Must.specify.destination.alias", "Must specify destination alias"},
+        {"Must.specify.alias", "Must specify alias"},
+        {"Keystore.password.must.be.at.least.6.characters",
+                "Keystore password must be at least 6 characters"},
+        {"Enter.keystore.password.", "Enter keystore password:  "},
+        {"Enter.source.keystore.password.", "Enter source keystore password:  "},
+        {"Enter.destination.keystore.password.", "Enter destination keystore password:  "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
+         "Keystore password is too short - must be at least 6 characters"},
+        {"Unknown.Entry.Type", "Unknown Entry Type"},
+        {"Too.many.failures.Alias.not.changed", "Too many failures. Alias not changed"},
+        {"Entry.for.alias.alias.successfully.imported.",
+                 "Entry for alias {0} successfully imported."},
+        {"Entry.for.alias.alias.not.imported.", "Entry for alias {0} not imported."},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
+                 "Problem importing entry for alias {0}: {1}.\nEntry for alias {0} not imported."},
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
+                 "Import command completed:  {0} entries successfully imported, {1} entries failed or cancelled"},
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
+                 "Warning: Overwriting existing alias {0} in destination keystore"},
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
+                 "Existing entry alias {0} exists, overwrite? [no]:  "},
+        {"Too.many.failures.try.later", "Too many failures - try later"},
+        {"Certification.request.stored.in.file.filename.",
+                "Certification request stored in file <{0}>"},
+        {"Submit.this.to.your.CA", "Submit this to your CA"},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
+            "if alias not specified, destalias, srckeypass, and destkeypass must not be specified"},
+        {"Certificate.stored.in.file.filename.",
+                "Certificate stored in file <{0}>"},
+        {"Certificate.reply.was.installed.in.keystore",
+                "Certificate reply was installed in keystore"},
+        {"Certificate.reply.was.not.installed.in.keystore",
+                "Certificate reply was not installed in keystore"},
+        {"Certificate.was.added.to.keystore",
+                "Certificate was added to keystore"},
+        {"Certificate.was.not.added.to.keystore",
+                "Certificate was not added to keystore"},
+        {".Storing.ksfname.", "[Storing {0}]"},
+        {"alias.has.no.public.key.certificate.",
+                "{0} has no public key (certificate)"},
+        {"Cannot.derive.signature.algorithm",
+                "Cannot derive signature algorithm"},
+        {"Alias.alias.does.not.exist",
+                "Alias <{0}> does not exist"},
+        {"Alias.alias.has.no.certificate",
+                "Alias <{0}> has no certificate"},
+        {"Key.pair.not.generated.alias.alias.already.exists",
+                "Key pair not generated, alias <{0}> already exists"},
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
+                "Generating {0} bit {1} key pair and self-signed certificate ({2}) with a validity of {3} days\n\tfor: {4}"},
+        {"Enter.key.password.for.alias.", "Enter key password for <{0}>"},
+        {".RETURN.if.same.as.keystore.password.",
+                "\t(RETURN if same as keystore password):  "},
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
+                "Key password is too short - must be at least 6 characters"},
+        {"Too.many.failures.key.not.added.to.keystore",
+                "Too many failures - key not added to keystore"},
+        {"Destination.alias.dest.already.exists",
+                "Destination alias <{0}> already exists"},
+        {"Password.is.too.short.must.be.at.least.6.characters",
+                "Password is too short - must be at least 6 characters"},
+        {"Too.many.failures.Key.entry.not.cloned",
+                "Too many failures. Key entry not cloned"},
+        {"key.password.for.alias.", "key password for <{0}>"},
+        {"Keystore.entry.for.id.getName.already.exists",
+                "Keystore entry for <{0}> already exists"},
+        {"Creating.keystore.entry.for.id.getName.",
+                "Creating keystore entry for <{0}> ..."},
+        {"No.entries.from.identity.database.added",
+                "No entries from identity database added"},
+        {"Alias.name.alias", "Alias name: {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
+                "Creation date: {0,date}"},
+        {"alias.keyStore.getCreationDate.alias.",
+                "{0}, {1,date}, "},
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "Entry type: {0}"},
+        {"Certificate.chain.length.", "Certificate chain length: "},
+        {"Certificate.i.1.", "Certificate[{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "Certificate fingerprint (SHA1): "},
+        {"Keystore.type.", "Keystore type: "},
+        {"Keystore.provider.", "Keystore provider: "},
+        {"Your.keystore.contains.keyStore.size.entry",
+                "Your keystore contains {0,number,integer} entry"},
+        {"Your.keystore.contains.keyStore.size.entries",
+                "Your keystore contains {0,number,integer} entries"},
+        {"Failed.to.parse.input", "Failed to parse input"},
+        {"Empty.input", "Empty input"},
+        {"Not.X.509.certificate", "Not X.509 certificate"},
+        {"alias.has.no.public.key", "{0} has no public key"},
+        {"alias.has.no.X.509.certificate", "{0} has no X.509 certificate"},
+        {"New.certificate.self.signed.", "New certificate (self-signed):"},
+        {"Reply.has.no.certificates", "Reply has no certificates"},
+        {"Certificate.not.imported.alias.alias.already.exists",
+                "Certificate not imported, alias <{0}> already exists"},
+        {"Input.not.an.X.509.certificate", "Input not an X.509 certificate"},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
+                "Certificate already exists in keystore under alias <{0}>"},
+        {"Do.you.still.want.to.add.it.no.",
+                "Do you still want to add it? [no]:  "},
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
+                "Certificate already exists in system-wide CA keystore under alias <{0}>"},
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
+                "Do you still want to add it to your own keystore? [no]:  "},
+        {"Trust.this.certificate.no.", "Trust this certificate? [no]:  "},
+        {"YES", "YES"},
+        {"New.prompt.", "New {0}: "},
+        {"Passwords.must.differ", "Passwords must differ"},
+        {"Re.enter.new.prompt.", "Re-enter new {0}: "},
+        {"Re.enter.new.password.", "Re-enter new password: "},
+        {"They.don.t.match.Try.again", "They don't match. Try again"},
+        {"Enter.prompt.alias.name.", "Enter {0} alias name:  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
+                 "Enter new alias name\t(RETURN to cancel import for this entry):  "},
+        {"Enter.alias.name.", "Enter alias name:  "},
+        {".RETURN.if.same.as.for.otherAlias.",
+                "\t(RETURN if same as for <{0}>)"},
+        {".PATTERN.printX509Cert",
+                "Owner: {0}\nIssuer: {1}\nSerial number: {2}\nValid from: {3} until: {4}\nCertificate fingerprints:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Signature algorithm name: {8}\n\t Version: {9}"},
+        {"What.is.your.first.and.last.name.",
+                "What is your first and last name?"},
+        {"What.is.the.name.of.your.organizational.unit.",
+                "What is the name of your organizational unit?"},
+        {"What.is.the.name.of.your.organization.",
+                "What is the name of your organization?"},
+        {"What.is.the.name.of.your.City.or.Locality.",
+                "What is the name of your City or Locality?"},
+        {"What.is.the.name.of.your.State.or.Province.",
+                "What is the name of your State or Province?"},
+        {"What.is.the.two.letter.country.code.for.this.unit.",
+                "What is the two-letter country code for this unit?"},
+        {"Is.name.correct.", "Is {0} correct?"},
+        {"no", "no"},
+        {"yes", "yes"},
+        {"y", "y"},
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
+                "Alias <{0}> has no key"},
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
+                 "Alias <{0}> references an entry type that is not a private key entry.  The -keyclone command only supports cloning of private key entries"},
+
+        {".WARNING.WARNING.WARNING.",
+            "*****************  WARNING WARNING WARNING  *****************"},
+        {"Signer.d.", "Signer #%d:"},
+        {"Timestamp.", "Timestamp:"},
+        {"Signature.", "Signature:"},
+        {"CRLs.", "CRLs:"},
+        {"Certificate.owner.", "Certificate owner: "},
+        {"Not.a.signed.jar.file", "Not a signed jar file"},
+        {"No.certificate.from.the.SSL.server",
+                "No certificate from the SSL server"},
+
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
+            "* The integrity of the information stored in your keystore  *\n" +
+            "* has NOT been verified!  In order to verify its integrity, *\n" +
+            "* you must provide your keystore password.                  *"},
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
+            "* The integrity of the information stored in the srckeystore*\n" +
+            "* has NOT been verified!  In order to verify its integrity, *\n" +
+            "* you must provide the srckeystore password.                *"},
+
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
+                "Certificate reply does not contain public key for <{0}>"},
+        {"Incomplete.certificate.chain.in.reply",
+                "Incomplete certificate chain in reply"},
+        {"Certificate.chain.in.reply.does.not.verify.",
+                "Certificate chain in reply does not verify: "},
+        {"Top.level.certificate.in.reply.",
+                "Top-level certificate in reply:\n"},
+        {".is.not.trusted.", "... is not trusted. "},
+        {"Install.reply.anyway.no.", "Install reply anyway? [no]:  "},
+        {"NO", "NO"},
+        {"Public.keys.in.reply.and.keystore.don.t.match",
+                "Public keys in reply and keystore don't match"},
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
+                "Certificate reply and certificate in keystore are identical"},
+        {"Failed.to.establish.chain.from.reply",
+                "Failed to establish chain from reply"},
+        {"n", "n"},
+        {"Wrong.answer.try.again", "Wrong answer, try again"},
+        {"Secret.key.not.generated.alias.alias.already.exists",
+                "Secret Key not generated, alias <{0}> already exists"},
+        {"Please.provide.keysize.for.secret.key.generation",
+                "Please provide -keysize for secret key generation"},
+
+        {"verified.by.s.in.s", "Verified by %s in %s"},
+        {"warning.not.verified.make.sure.keystore.is.correct",
+            "WARNING: not verified. Make sure -keystore is correct."},
+
+        {"Extensions.", "Extensions: "},
+        {".Empty.value.", "(Empty value)"},
+        {"Extension.Request.", "Extension Request:"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
+                "PKCS #10 Certificate Request (Version 1.0)\n" +
+                "Subject: %s\nPublic Key: %s format %s key\n"},
+        {"Unknown.keyUsage.type.", "Unknown keyUsage type: "},
+        {"Unknown.extendedkeyUsage.type.", "Unknown extendedkeyUsage type: "},
+        {"Unknown.AccessDescription.type.", "Unknown AccessDescription type: "},
+        {"Unrecognized.GeneralName.type.", "Unrecognized GeneralName type: "},
+        {"This.extension.cannot.be.marked.as.critical.",
+                 "This extension cannot be marked as critical. "},
+        {"Odd.number.of.hex.digits.found.", "Odd number of hex digits found: "},
+        {"Unknown.extension.type.", "Unknown extension type: "},
+        {"command.{0}.is.ambiguous.", "command {0} is ambiguous:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Resources_de.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,431 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the keytool.
+ *
+ */
+public class Resources_de extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"STAR",
+                "*******************************************"},
+        {"STARNN",
+                "*******************************************\n\n"},
+
+        // keytool: Help part
+// "Option" should be translated.
+        {".OPTION.", " [Option]..."},
+        {"Options.", "Optionen:"},
+        {"Use.keytool.help.for.all.available.commands",
+                 "\"keytool -help\" f\u00FCr alle verf\u00FCgbaren Befehle verwenden"},
+        {"Key.and.Certificate.Management.Tool",
+                 "Schl\u00FCssel- und Zertifikatsverwaltungstool"},
+        {"Commands.", "Befehle:"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
+                "\"keytool -command_name -help\" f\u00FCr Verwendung von command_name verwenden"},
+        // keytool: help: commands
+        {"Generates.a.certificate.request",
+                "Generiert eine Zertifikatanforderung"}, //-certreq
+        {"Changes.an.entry.s.alias",
+                "\u00C4ndert den Alias eines Eintrags"}, //-changealias
+        {"Deletes.an.entry",
+                "L\u00F6scht einen Eintrag"}, //-delete
+        {"Exports.certificate",
+                "Exportiert ein Zertifikat"}, //-exportcert
+        {"Generates.a.key.pair",
+                "Generiert ein Schl\u00FCsselpaar"}, //-genkeypair
+// translation of "secret" key should be different to "private" key.
+        {"Generates.a.secret.key",
+                "Generiert einen Secret Key"}, //-genseckey
+        {"Generates.certificate.from.a.certificate.request",
+                "Generiert ein Zertifikat aus einer Zertifikatanforderung"}, //-gencert
+        {"Generates.CRL", "Generiert eine CRL"}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+                "Importiert Eintr\u00E4ge aus einer Identity-Datenbank im JDK 1.1.x-Stil"}, //-identitydb
+        {"Imports.a.certificate.or.a.certificate.chain",
+                "Importiert ein Zertifikat oder eine Zertifikatkette"}, //-importcert
+        {"Imports.one.or.all.entries.from.another.keystore",
+                "Importiert einen oder alle Eintr\u00E4ge aus einem anderen Keystore"}, //-importkeystore
+        {"Clones.a.key.entry",
+                "Clont einen Schl\u00FCsseleintrag"}, //-keyclone
+        {"Changes.the.key.password.of.an.entry",
+                "\u00C4ndert das Schl\u00FCsselkennwort eines Eintrags"}, //-keypasswd
+        {"Lists.entries.in.a.keystore",
+                "Listet die Eintr\u00E4ge in einem Keystore auf"}, //-list
+        {"Prints.the.content.of.a.certificate",
+                "Druckt den Content eines Zertifikats"}, //-printcert
+        {"Prints.the.content.of.a.certificate.request",
+                "Druckt den Content einer Zertifikatanforderung"}, //-printcertreq
+        {"Prints.the.content.of.a.CRL.file",
+                "Druckt den Content einer CRL-Datei"}, //-printcrl
+        {"Generates.a.self.signed.certificate",
+                "Generiert ein selbst signiertes Zertifikat"}, //-selfcert
+        {"Changes.the.store.password.of.a.keystore",
+                "\u00C4ndert das Speicherkennwort eines Keystores"}, //-storepasswd
+        // keytool: help: options
+        {"alias.name.of.the.entry.to.process",
+                "Aliasname des zu verarbeitenden Eintrags"}, //-alias
+        {"destination.alias",
+                "Zielalias"}, //-destalias
+        {"destination.key.password",
+                "Zielschl\u00FCssel-Kennwort"}, //-destkeypass
+        {"destination.keystore.name",
+                "Ziel-Keystore-Name"}, //-destkeystore
+        {"destination.keystore.password.protected",
+                "Ziel-Keystore kennwortgesch\u00FCtzt"}, //-destprotected
+        {"destination.keystore.provider.name",
+                "Ziel-Keystore-Providername"}, //-destprovidername
+        {"destination.keystore.password",
+                "Ziel-Keystore-Kennwort"}, //-deststorepass
+        {"destination.keystore.type",
+                "Ziel-Keystore-Typ"}, //-deststoretype
+        {"distinguished.name",
+                "Distinguished Name"}, //-dname
+        {"X.509.extension",
+                "X.509-Erweiterung"}, //-ext
+        {"output.file.name",
+                "Ausgabedateiname"}, //-file and -outfile
+        {"input.file.name",
+                "Eingabedateiname"}, //-file and -infile
+        {"key.algorithm.name",
+                "Schl\u00FCsselalgorithmusname"}, //-keyalg
+        {"key.password",
+                "Schl\u00FCsselkennwort"}, //-keypass
+        {"key.bit.size",
+                "Schl\u00FCsselbitgr\u00F6\u00DFe"}, //-keysize
+        {"keystore.name",
+                "Keystore-Name"}, //-keystore
+        {"new.password",
+                "Neues Kennwort"}, //-new
+        {"do.not.prompt",
+                "Kein Prompt"}, //-noprompt
+        {"password.through.protected.mechanism",
+                "Kennwort \u00FCber gesch\u00FCtzten Mechanismus"}, //-protected
+        {"provider.argument",
+                "Providerargument"}, //-providerarg
+        {"provider.class.name",
+                "Providerklassenname"}, //-providerclass
+        {"provider.name",
+                "Providername"}, //-providername
+        {"provider.classpath",
+                "Provider-Classpath"}, //-providerpath
+        {"output.in.RFC.style",
+                "Ausgabe in RFC-Stil"}, //-rfc
+        {"signature.algorithm.name",
+                "Signaturalgorithmusname"}, //-sigalg
+        {"source.alias",
+                "Quellalias"}, //-srcalias
+        {"source.key.password",
+                "Quellschl\u00FCssel-Kennwort"}, //-srckeypass
+        {"source.keystore.name",
+                "Quell-Keystore-Name"}, //-srckeystore
+        {"source.keystore.password.protected",
+                "Quell-Keystore kennwortgesch\u00FCtzt"}, //-srcprotected
+        {"source.keystore.provider.name",
+                "Quell-Keystore-Providername"}, //-srcprovidername
+        {"source.keystore.password",
+                "Quell-Keystore-Kennwort"}, //-srcstorepass
+        {"source.keystore.type",
+                "Quell-Keystore-Typ"}, //-srcstoretype
+        {"SSL.server.host.and.port",
+                "SSL-Serverhost und -port"}, //-sslserver
+        {"signed.jar.file",
+                "Signierte JAR-Datei"}, //=jarfile
+        {"certificate.validity.start.date.time",
+                "Anfangsdatum/-zeit f\u00FCr Zertifikatsg\u00FCltigkeit"}, //-startdate
+        {"keystore.password",
+                "Keystore-Kennwort"}, //-storepass
+        {"keystore.type",
+                "Keystore-Typ"}, //-storetype
+        {"trust.certificates.from.cacerts",
+                "Zertifikaten aus cacerts vertrauen"}, //-trustcacerts
+        {"verbose.output",
+                "Verbose-Ausgabe"}, //-v
+        {"validity.number.of.days",
+                "G\u00FCltigkeitsdauer (Tage)"}, //-validity
+        {"Serial.ID.of.cert.to.revoke",
+                 "Serielle ID des zu entziehenden Certs"}, //-id
+        // keytool: Running part
+        {"keytool.error.", "Keytool-Fehler: "},
+        {"Illegal.option.", "Ung\u00FCltige Option:  "},
+        {"Illegal.value.", "Ung\u00FCltiger Wert: "},
+        {"Unknown.password.type.", "Unbekannter Kennworttyp: "},
+        {"Cannot.find.environment.variable.",
+                "Umgebungsvariable kann nicht gefunden werden: "},
+        {"Cannot.find.file.", "Datei kann nicht gefunden werden: "},
+        {"Command.option.flag.needs.an.argument.", "Befehlsoption {0} ben\u00F6tigt ein Argument."},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
+                "Warnung: Keine Unterst\u00FCtzung f\u00FCr unterschiedliche Speicher- und Schl\u00FCsselkennw\u00F6rter bei PKCS12 KeyStores. Der benutzerdefinierte Wert {0} wird ignoriert."},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "-keystore muss NONE sein, wenn -storetype {0} ist"},
+        {"Too.many.retries.program.terminated",
+                 "Zu viele erneute Versuche. Programm wird beendet"},
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
+                "Befehle -storepasswd und -keypasswd werden nicht unterst\u00FCtzt, wenn -storetype {0} ist"},
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
+                "Befehle des Typs -keypasswd werden nicht unterst\u00FCtzt, wenn -storetype PKCS12 ist"},
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
+                "-keypass und -new k\u00F6nnen nicht angegeben werden, wenn -storetype {0} ist"},
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
+                "Wenn -protected angegeben ist, d\u00FCrfen -storepass, -keypass und -new nicht angegeben werden"},
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "Wenn -srcprotected angegeben ist, d\u00FCrfen -srcstorepass und -srckeypass nicht angegeben werden"},
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
+                "Wenn der Keystore nicht kennwortgesch\u00FCtzt ist, d\u00FCrfen -storepass, -keypass und -new nicht angegeben werden"},
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "Wenn der Quell-Keystore nicht kennwortgesch\u00FCtzt ist, d\u00FCrfen -srcstorepass und -srckeypass nicht angegeben werden"},
+        {"Illegal.startdate.value", "Ung\u00FCltiger Wert f\u00FCr Anfangsdatum"},
+        {"Validity.must.be.greater.than.zero",
+                "G\u00FCltigkeit muss gr\u00F6\u00DFer als null sein"},
+        {"provName.not.a.provider", "{0} kein Provider"},
+        {"Usage.error.no.command.provided", "Verwendungsfehler: Kein Befehl angegeben"},
+        {"Source.keystore.file.exists.but.is.empty.", "Quell-Keystore-Datei ist zwar vorhanden, ist aber leer: "},
+        {"Please.specify.srckeystore", "Geben Sie -srckeystore an"},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
+                "-v und -rfc d\u00FCrfen bei Befehl \"list\" nicht beide angegeben werden"},
+        {"Key.password.must.be.at.least.6.characters",
+                "Schl\u00FCsselkennwort muss mindestens sechs Zeichen lang sein"},
+        {"New.password.must.be.at.least.6.characters",
+                "Neues Kennwort muss mindestens sechs Zeichen lang sein"},
+        {"Keystore.file.exists.but.is.empty.",
+                "Keystore-Datei ist vorhanden, ist aber leer: "},
+        {"Keystore.file.does.not.exist.",
+                "Keystore-Datei ist nicht vorhanden: "},
+        {"Must.specify.destination.alias", "Sie m\u00FCssen einen Zielalias angeben"},
+        {"Must.specify.alias", "Sie m\u00FCssen einen Alias angeben"},
+        {"Keystore.password.must.be.at.least.6.characters",
+                "Keystore-Kennwort muss mindestens sechs Zeichen lang sein"},
+        {"Enter.keystore.password.", "Keystore-Kennwort eingeben:  "},
+        {"Enter.source.keystore.password.", "Quell-Keystore-Kennwort eingeben:  "},
+        {"Enter.destination.keystore.password.", "Ziel-Keystore-Kennwort eingeben:  "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
+         "Keystore-Kennwort ist zu kurz. Es muss mindestens sechs Zeichen lang sein"},
+        {"Unknown.Entry.Type", "Unbekannter Eintragstyp"},
+        {"Too.many.failures.Alias.not.changed", "Zu viele Fehler. Alias nicht ge\u00E4ndert"},
+        {"Entry.for.alias.alias.successfully.imported.",
+                 "Eintrag f\u00FCr Alias {0} erfolgreich importiert."},
+        {"Entry.for.alias.alias.not.imported.", "Eintrag f\u00FCr Alias {0} nicht importiert."},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
+                 "Problem beim Importieren des Eintrags f\u00FCr Alias {0}: {1}.\nEintrag f\u00FCr Alias {0} nicht importiert."},
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
+                 "Importbefehl abgeschlossen: {0} Eintr\u00E4ge erfolgreich importiert, {1} Eintr\u00E4ge nicht erfolgreich oder abgebrochen"},
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
+                 "Warnung: Vorhandener Alias {0} in Ziel-Keystore wird \u00FCberschrieben"},
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
+                 "Eintragsalias {0} ist bereits vorhanden. \u00DCberschreiben? [Nein]:  "},
+        {"Too.many.failures.try.later", "Zu viele Fehler. Versuchen Sie es sp\u00E4ter erneut"},
+        {"Certification.request.stored.in.file.filename.",
+                "Zertifizierungsanforderung in Datei <{0}> gespeichert"},
+        {"Submit.this.to.your.CA", "Leiten Sie dies an die CA weiter"},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
+            "Wenn kein Alias angegeben ist, d\u00FCrfen destalias, srckeypass und destkeypass nicht angegeben werden"},
+        {"Certificate.stored.in.file.filename.",
+                "Zertifikat in Datei <{0}> gespeichert"},
+        {"Certificate.reply.was.installed.in.keystore",
+                "Zertifikatantwort wurde in Keystore installiert"},
+        {"Certificate.reply.was.not.installed.in.keystore",
+                "Zertifikatantwort wurde nicht in Keystore installiert"},
+        {"Certificate.was.added.to.keystore",
+                "Zertifikat wurde Keystore hinzugef\u00FCgt"},
+        {"Certificate.was.not.added.to.keystore",
+                "Zertifikat wurde nicht zu Keystore hinzugef\u00FCgt"},
+        {".Storing.ksfname.", "[{0} wird gesichert]"},
+        {"alias.has.no.public.key.certificate.",
+                "{0} hat keinen Public Key (Zertifikat)"},
+        {"Cannot.derive.signature.algorithm",
+                "Signaturalgorithmus kann nicht abgeleitet werden"},
+        {"Alias.alias.does.not.exist",
+                "Alias <{0}> ist nicht vorhanden"},
+        {"Alias.alias.has.no.certificate",
+                "Alias <{0}> hat kein Zertifikat"},
+        {"Key.pair.not.generated.alias.alias.already.exists",
+                "Schl\u00FCsselpaar wurde nicht generiert. Alias <{0}> ist bereits vorhanden"},
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
+                "Generieren von Schl\u00FCsselpaar (Typ {1}, {0} Bit) und selbst signiertem Zertifikat ({2}) mit einer G\u00FCltigkeit von {3} Tagen\n\tf\u00FCr: {4}"},
+        {"Enter.key.password.for.alias.", "Schl\u00FCsselkennwort f\u00FCr <{0}> eingeben"},
+        {".RETURN.if.same.as.keystore.password.",
+                "\t(RETURN, wenn identisch mit Keystore-Kennwort):  "},
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
+                "Schl\u00FCsselkennwort ist zu kurz. Es muss mindestens sechs Zeichen lang sein"},
+        {"Too.many.failures.key.not.added.to.keystore",
+                "Zu viele Fehler. Schl\u00FCssel wurde nicht zu Keystore hinzugef\u00FCgt"},
+        {"Destination.alias.dest.already.exists",
+                "Zielalias <{0}> bereits vorhanden"},
+        {"Password.is.too.short.must.be.at.least.6.characters",
+                "Kennwort ist zu kurz. Es muss mindestens sechs Zeichen lang sein"},
+        {"Too.many.failures.Key.entry.not.cloned",
+                "Zu viele Fehler. Schl\u00FCsseleintrag wurde nicht geclont"},
+        {"key.password.for.alias.", "Schl\u00FCsselkennwort f\u00FCr <{0}>"},
+        {"Keystore.entry.for.id.getName.already.exists",
+                "Keystore-Eintrag f\u00FCr <{0}> bereits vorhanden"},
+        {"Creating.keystore.entry.for.id.getName.",
+                "Keystore-Eintrag f\u00FCr <{0}> wird erstellt..."},
+        {"No.entries.from.identity.database.added",
+                "Keine Eintr\u00E4ge aus Identity-Datenbank hinzugef\u00FCgt"},
+        {"Alias.name.alias", "Aliasname: {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
+                "Erstellungsdatum: {0,date}"},
+        {"alias.keyStore.getCreationDate.alias.",
+                "{0}, {1,date}, "},
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "Eintragstyp: {0}"},
+        {"Certificate.chain.length.", "Zertifikatkettenl\u00E4nge: "},
+        {"Certificate.i.1.", "Zertifikat[{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "Zertifikat-Fingerprint (SHA1): "},
+        {"Keystore.type.", "Keystore-Typ: "},
+        {"Keystore.provider.", "Keystore-Provider: "},
+        {"Your.keystore.contains.keyStore.size.entry",
+                "Keystore enth\u00E4lt {0,number,integer} Eintrag"},
+        {"Your.keystore.contains.keyStore.size.entries",
+                "Keystore enth\u00E4lt {0,number,integer} Eintr\u00E4ge"},
+        {"Failed.to.parse.input", "Eingabe konnte nicht geparst werden"},
+        {"Empty.input", "Leere Eingabe"},
+        {"Not.X.509.certificate", "Kein X.509-Zertifikat"},
+        {"alias.has.no.public.key", "{0} hat keinen Public Key"},
+        {"alias.has.no.X.509.certificate", "{0} hat kein X.509-Zertifikat"},
+        {"New.certificate.self.signed.", "Neues Zertifikat (selbst signiert):"},
+        {"Reply.has.no.certificates", "Antwort hat keine Zertifikate"},
+        {"Certificate.not.imported.alias.alias.already.exists",
+                "Zertifikat nicht importiert. Alias <{0}> ist bereits vorhanden"},
+        {"Input.not.an.X.509.certificate", "Eingabe kein X.509-Zertifikat"},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
+                "Zertifikat ist bereits unter Alias <{0}> im Keystore vorhanden"},
+        {"Do.you.still.want.to.add.it.no.",
+                "M\u00F6chten Sie es trotzdem hinzuf\u00FCgen? [Nein]:  "},
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
+                "Zertifikat ist bereits unter Alias <{0}> im systemweiten CA-Keystore vorhanden"},
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
+                "M\u00F6chten Sie es trotzdem zu Ihrem eigenen Keystore hinzuf\u00FCgen? [Nein]:  "},
+        {"Trust.this.certificate.no.", "Diesem Zertifikat vertrauen? [Nein]:  "},
+        {"YES", "Ja"},
+        {"New.prompt.", "Neues {0}: "},
+        {"Passwords.must.differ", "Kennw\u00F6rter m\u00FCssen sich unterscheiden"},
+        {"Re.enter.new.prompt.", "Neues {0} erneut eingeben: "},
+        {"Re.enter.new.password.", "Neues Kennwort erneut eingeben: "},
+        {"They.don.t.match.Try.again", "Keine \u00DCbereinstimmung. Wiederholen Sie den Vorgang"},
+        {"Enter.prompt.alias.name.", "{0}-Aliasnamen eingeben:  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
+                 "Geben Sie einen neuen Aliasnamen ein\t(RETURN, um den Import dieses Eintrags abzubrechen):  "},
+        {"Enter.alias.name.", "Aliasnamen eingeben:  "},
+        {".RETURN.if.same.as.for.otherAlias.",
+                "\t(RETURN, wenn identisch mit <{0}>)"},
+        {".PATTERN.printX509Cert",
+                "Eigent\u00FCmer: {0}\nAussteller: {1}\nSeriennummer: {2}\nG\u00FCltig von: {3} bis: {4}\nZertifikat-Fingerprints:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Signaturalgorithmusname: {8}\n\t Version: {9}"},
+        {"What.is.your.first.and.last.name.",
+                "Wie lautet Ihr Vor- und Nachname?"},
+        {"What.is.the.name.of.your.organizational.unit.",
+                "Wie lautet der Name Ihrer organisatorischen Einheit?"},
+        {"What.is.the.name.of.your.organization.",
+                "Wie lautet der Name Ihrer Organisation?"},
+        {"What.is.the.name.of.your.City.or.Locality.",
+                "Wie lautet der Name Ihrer Stadt oder Gemeinde?"},
+        {"What.is.the.name.of.your.State.or.Province.",
+                "Wie lautet der Name Ihres Bundeslands?"},
+        {"What.is.the.two.letter.country.code.for.this.unit.",
+                "Wie lautet der L\u00E4ndercode (zwei Buchstaben) f\u00FCr diese Einheit?"},
+        {"Is.name.correct.", "Ist {0} richtig?"},
+        {"no", "Nein"},
+        {"yes", "Ja"},
+        {"y", "J"},
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
+                "Alias <{0}> verf\u00FCgt \u00FCber keinen Schl\u00FCssel"},
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
+                 "Alias <{0}> verweist auf einen Eintragstyp, der kein Private Key-Eintrag ist. Der Befehl -keyclone unterst\u00FCtzt nur das Clonen von Private Key-Eintr\u00E4gen"},
+
+        {".WARNING.WARNING.WARNING.",
+            "*****************  Warnung Warnung Warnung  *****************"},
+        {"Signer.d.", "Signaturgeber #%d:"},
+        {"Timestamp.", "Zeitstempel:"},
+        {"Signature.", "Signatur:"},
+        {"CRLs.", "CRLs:"},
+        {"Certificate.owner.", "Zertifikateigent\u00FCmer: "},
+        {"Not.a.signed.jar.file", "Keine signierte JAR-Datei"},
+        {"No.certificate.from.the.SSL.server",
+                "Kein Zertifikat vom SSL-Server"},
+
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
+            "* Die Integrit\u00E4t der Informationen, die in Ihrem Keystore gespeichert sind, *\n* wurde NICHT gepr\u00FCft. Um die Integrit\u00E4t zu pr\u00FCfen, *\n* m\u00FCssen Sie Ihr Keystore-Kennwort angeben.                  *"},
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
+            "* Die Integrit\u00E4t der Informationen, die in Ihrem Srckeystore gespeichert sind, *\n* wurde NICHT gepr\u00FCft. Um die Integrit\u00E4t zu pr\u00FCfen, *\n* m\u00FCssen Sie Ihr Srckeystore-Kennwort angeben.                  *"},
+
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
+                "Zertifikatantwort enth\u00E4lt keinen Public Key f\u00FCr <{0}>"},
+        {"Incomplete.certificate.chain.in.reply",
+                "Unvollst\u00E4ndige Zertifikatkette in Antwort"},
+        {"Certificate.chain.in.reply.does.not.verify.",
+                "Zertifikatkette in Antwort verifiziert nicht: "},
+        {"Top.level.certificate.in.reply.",
+                "Zertifikat der obersten Ebene in Antwort:\n"},
+        {".is.not.trusted.", "... ist nicht vertrauensw\u00FCrdig. "},
+        {"Install.reply.anyway.no.", "Antwort trotzdem installieren? [Nein]:  "},
+        {"NO", "Nein"},
+        {"Public.keys.in.reply.and.keystore.don.t.match",
+                "Public Keys in Antwort und Keystore stimmen nicht \u00FCberein"},
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
+                "Zertifikatantwort und Zertifikat in Keystore sind identisch"},
+        {"Failed.to.establish.chain.from.reply",
+                "Kette konnte der Antwort nicht entnommen werden"},
+        {"n", "N"},
+        {"Wrong.answer.try.again", "Falsche Antwort. Wiederholen Sie den Vorgang"},
+        {"Secret.key.not.generated.alias.alias.already.exists",
+                "Secret Key wurde nicht generiert. Alias <{0}> ist bereits vorhanden"},
+        {"Please.provide.keysize.for.secret.key.generation",
+                "Geben Sie -keysize zum Erstellen eines Secret Keys an"},
+
+        {"Extensions.", "Erweiterungen: "},
+        {".Empty.value.", "(Leerer Wert)"},
+        {"Extension.Request.", "Erweiterungsanforderung:"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
+                "PKCS #10-Zertifikatanforderung (Version 1.0)\nSubjekt: %s\nPublic Key: %s Format %s Schl\u00FCssel\n"},
+        {"Unknown.keyUsage.type.", "Unbekannter keyUsage-Typ: "},
+        {"Unknown.extendedkeyUsage.type.", "Unbekannter extendedkeyUsage-Typ: "},
+        {"Unknown.AccessDescription.type.", "Unbekannter AccessDescription-Typ: "},
+        {"Unrecognized.GeneralName.type.", "Unbekannter GeneralName-Typ: "},
+        {"This.extension.cannot.be.marked.as.critical.",
+                 "Erweiterung kann nicht als \"Kritisch\" markiert werden. "},
+        {"Odd.number.of.hex.digits.found.", "Ungerade Anzahl hexadezimaler Ziffern gefunden: "},
+        {"Unknown.extension.type.", "Unbekannter Erweiterungstyp: "},
+        {"command.{0}.is.ambiguous.", "Befehl {0} ist mehrdeutig:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Resources_es.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,431 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the keytool.
+ *
+ */
+public class Resources_es extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"STAR",
+                "*******************************************"},
+        {"STARNN",
+                "*******************************************\n\n"},
+
+        // keytool: Help part
+// "Option" should be translated.
+        {".OPTION.", " [Opci\u00F3n]..."},
+        {"Options.", "Opciones:"},
+        {"Use.keytool.help.for.all.available.commands",
+                 "Utilice\"keytool -help\" para todos los comandos disponibles"},
+        {"Key.and.Certificate.Management.Tool",
+                 "Herramienta de Gesti\u00F3n de Certificados y Claves"},
+        {"Commands.", "Comandos:"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
+                "Utilice \"keytool -command_name -help\" para la sintaxis de nombre_comando"},
+        // keytool: help: commands
+        {"Generates.a.certificate.request",
+                "Genera una solicitud de certificado"}, //-certreq
+        {"Changes.an.entry.s.alias",
+                "Cambia un alias de entrada"}, //-changealias
+        {"Deletes.an.entry",
+                "Suprime una entrada"}, //-delete
+        {"Exports.certificate",
+                "Exporta el certificado"}, //-exportcert
+        {"Generates.a.key.pair",
+                "Genera un par de claves"}, //-genkeypair
+// translation of "secret" key should be different to "private" key.
+        {"Generates.a.secret.key",
+                "Genera un clave secreta"}, //-genseckey
+        {"Generates.certificate.from.a.certificate.request",
+                "Genera un certificado a partir de una solicitud de certificado"}, //-gencert
+        {"Generates.CRL", "Genera CRL"}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+                "Importa entradas desde una base de datos de identidades JDK 1.1.x-style"}, //-identitydb
+        {"Imports.a.certificate.or.a.certificate.chain",
+                "Importa un certificado o una cadena de certificados"}, //-importcert
+        {"Imports.one.or.all.entries.from.another.keystore",
+                "Importa una o todas las entradas desde otro almac\u00E9n de claves"}, //-importkeystore
+        {"Clones.a.key.entry",
+                "Clona una entrada de clave"}, //-keyclone
+        {"Changes.the.key.password.of.an.entry",
+                "Cambia la contrase\u00F1a de clave de una entrada"}, //-keypasswd
+        {"Lists.entries.in.a.keystore",
+                "Enumera las entradas de un almac\u00E9n de claves"}, //-list
+        {"Prints.the.content.of.a.certificate",
+                "Imprime el contenido de un certificado"}, //-printcert
+        {"Prints.the.content.of.a.certificate.request",
+                "Imprime el contenido de una solicitud de certificado"}, //-printcertreq
+        {"Prints.the.content.of.a.CRL.file",
+                "Imprime el contenido de un archivo CRL"}, //-printcrl
+        {"Generates.a.self.signed.certificate",
+                "Genera un certificado autofirmado"}, //-selfcert
+        {"Changes.the.store.password.of.a.keystore",
+                "Cambia la contrase\u00F1a de almac\u00E9n de un almac\u00E9n de claves"}, //-storepasswd
+        // keytool: help: options
+        {"alias.name.of.the.entry.to.process",
+                "nombre de alias de la entrada que se va a procesar"}, //-alias
+        {"destination.alias",
+                "alias de destino"}, //-destalias
+        {"destination.key.password",
+                "contrase\u00F1a de clave de destino"}, //-destkeypass
+        {"destination.keystore.name",
+                "nombre de almac\u00E9n de claves de destino"}, //-destkeystore
+        {"destination.keystore.password.protected",
+                "almac\u00E9n de claves de destino protegido por contrase\u00F1a"}, //-destprotected
+        {"destination.keystore.provider.name",
+                "nombre de proveedor de almac\u00E9n de claves de destino"}, //-destprovidername
+        {"destination.keystore.password",
+                "contrase\u00F1a de almac\u00E9n de claves de destino"}, //-deststorepass
+        {"destination.keystore.type",
+                "tipo de almac\u00E9n de claves de destino"}, //-deststoretype
+        {"distinguished.name",
+                "nombre distintivo"}, //-dname
+        {"X.509.extension",
+                "extensi\u00F3n X.509"}, //-ext
+        {"output.file.name",
+                "nombre de archivo de salida"}, //-file and -outfile
+        {"input.file.name",
+                "nombre de archivo de entrada"}, //-file and -infile
+        {"key.algorithm.name",
+                "nombre de algoritmo de clave"}, //-keyalg
+        {"key.password",
+                "contrase\u00F1a de clave"}, //-keypass
+        {"key.bit.size",
+                "tama\u00F1o de bit de clave"}, //-keysize
+        {"keystore.name",
+                "nombre de almac\u00E9n de claves"}, //-keystore
+        {"new.password",
+                "nueva contrase\u00F1a"}, //-new
+        {"do.not.prompt",
+                "no solicitar"}, //-noprompt
+        {"password.through.protected.mechanism",
+                "contrase\u00F1a a trav\u00E9s de mecanismo protegido"}, //-protected
+        {"provider.argument",
+                "argumento del proveedor"}, //-providerarg
+        {"provider.class.name",
+                "nombre de clase del proveedor"}, //-providerclass
+        {"provider.name",
+                "nombre del proveedor"}, //-providername
+        {"provider.classpath",
+                "classpath de proveedor"}, //-providerpath
+        {"output.in.RFC.style",
+                "salida en estilo RFC"}, //-rfc
+        {"signature.algorithm.name",
+                "nombre de algoritmo de firma"}, //-sigalg
+        {"source.alias",
+                "alias de origen"}, //-srcalias
+        {"source.key.password",
+                "contrase\u00F1a de clave de origen"}, //-srckeypass
+        {"source.keystore.name",
+                "nombre de almac\u00E9n de claves de origen"}, //-srckeystore
+        {"source.keystore.password.protected",
+                "almac\u00E9n de claves de origen protegido por contrase\u00F1a"}, //-srcprotected
+        {"source.keystore.provider.name",
+                "nombre de proveedor de almac\u00E9n de claves de origen"}, //-srcprovidername
+        {"source.keystore.password",
+                "contrase\u00F1a de almac\u00E9n de claves de origen"}, //-srcstorepass
+        {"source.keystore.type",
+                "tipo de almac\u00E9n de claves de origen"}, //-srcstoretype
+        {"SSL.server.host.and.port",
+                "puerto y host del servidor SSL"}, //-sslserver
+        {"signed.jar.file",
+                "archivo jar firmado"}, //=jarfile
+        {"certificate.validity.start.date.time",
+                "fecha/hora de inicio de validez del certificado"}, //-startdate
+        {"keystore.password",
+                "contrase\u00F1a de almac\u00E9n de claves"}, //-storepass
+        {"keystore.type",
+                "tipo de almac\u00E9n de claves"}, //-storetype
+        {"trust.certificates.from.cacerts",
+                "certificados de protecci\u00F3n de cacerts"}, //-trustcacerts
+        {"verbose.output",
+                "salida detallada"}, //-v
+        {"validity.number.of.days",
+                "n\u00FAmero de validez de d\u00EDas"}, //-validity
+        {"Serial.ID.of.cert.to.revoke",
+                 "identificador de serie del certificado que se va a revocar"}, //-id
+        // keytool: Running part
+        {"keytool.error.", "error de herramienta de claves: "},
+        {"Illegal.option.", "Opci\u00F3n no permitida:  "},
+        {"Illegal.value.", "Valor no permitido: "},
+        {"Unknown.password.type.", "Tipo de contrase\u00F1a desconocido: "},
+        {"Cannot.find.environment.variable.",
+                "No se ha encontrado la variable del entorno: "},
+        {"Cannot.find.file.", "No se ha encontrado el archivo: "},
+        {"Command.option.flag.needs.an.argument.", "La opci\u00F3n de comando {0} necesita un argumento."},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
+                "Advertencia: los almacenes de claves en formato PKCS12 no admiten contrase\u00F1as de clave y almacenamiento distintas. Se ignorar\u00E1 el valor especificado por el usuario, {0}."},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "-keystore debe ser NONE si -storetype es {0}"},
+        {"Too.many.retries.program.terminated",
+                 "Ha habido demasiados intentos, se ha cerrado el programa"},
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
+                "Los comandos -storepasswd y -keypasswd no est\u00E1n soportados si -storetype es {0}"},
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
+                "Los comandos -keypasswd no est\u00E1n soportados si -storetype es PKCS12"},
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
+                "-keypass y -new no se pueden especificar si -storetype es {0}"},
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
+                "si se especifica -protected, no deben especificarse -storepass, -keypass ni -new"},
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "Si se especifica -srcprotected, no se puede especificar -srcstorepass ni -srckeypass"},
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
+                "Si keystore no est\u00E1 protegido por contrase\u00F1a, no se deben especificar -storepass, -keypass ni -new"},
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "Si el almac\u00E9n de claves de origen no est\u00E1 protegido por contrase\u00F1a, no se deben especificar -srcstorepass ni -srckeypass"},
+        {"Illegal.startdate.value", "Valor de fecha de inicio no permitido"},
+        {"Validity.must.be.greater.than.zero",
+                "La validez debe ser mayor que cero"},
+        {"provName.not.a.provider", "{0} no es un proveedor"},
+        {"Usage.error.no.command.provided", "Error de sintaxis: no se ha proporcionado ning\u00FAn comando"},
+        {"Source.keystore.file.exists.but.is.empty.", "El archivo de almac\u00E9n de claves de origen existe, pero est\u00E1 vac\u00EDo: "},
+        {"Please.specify.srckeystore", "Especifique -srckeystore"},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
+                "No se deben especificar -v y -rfc simult\u00E1neamente con el comando 'list'"},
+        {"Key.password.must.be.at.least.6.characters",
+                "La contrase\u00F1a de clave debe tener al menos 6 caracteres"},
+        {"New.password.must.be.at.least.6.characters",
+                "La nueva contrase\u00F1a debe tener al menos 6 caracteres"},
+        {"Keystore.file.exists.but.is.empty.",
+                "El archivo de almac\u00E9n de claves existe, pero est\u00E1 vac\u00EDo: "},
+        {"Keystore.file.does.not.exist.",
+                "El archivo de almac\u00E9n de claves no existe: "},
+        {"Must.specify.destination.alias", "Se debe especificar un alias de destino"},
+        {"Must.specify.alias", "Se debe especificar un alias"},
+        {"Keystore.password.must.be.at.least.6.characters",
+                "La contrase\u00F1a del almac\u00E9n de claves debe tener al menos 6 caracteres"},
+        {"Enter.keystore.password.", "Introduzca la contrase\u00F1a del almac\u00E9n de claves:  "},
+        {"Enter.source.keystore.password.", "Introduzca la contrase\u00F1a de almac\u00E9n de claves de origen:  "},
+        {"Enter.destination.keystore.password.", "Introduzca la contrase\u00F1a de almac\u00E9n de claves de destino:  "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
+         "La contrase\u00F1a del almac\u00E9n de claves es demasiado corta, debe tener al menos 6 caracteres"},
+        {"Unknown.Entry.Type", "Tipo de Entrada Desconocido"},
+        {"Too.many.failures.Alias.not.changed", "Demasiados fallos. No se ha cambiado el alias"},
+        {"Entry.for.alias.alias.successfully.imported.",
+                 "La entrada del alias {0} se ha importado correctamente."},
+        {"Entry.for.alias.alias.not.imported.", "La entrada del alias {0} no se ha importado."},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
+                 "Problema al importar la entrada del alias {0}: {1}.\nNo se ha importado la entrada del alias {0}."},
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
+                 "Comando de importaci\u00F3n completado: {0} entradas importadas correctamente, {1} entradas incorrectas o canceladas"},
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
+                 "Advertencia: se sobrescribir\u00E1 el alias {0} en el almac\u00E9n de claves de destino"},
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
+                 "El alias de entrada existente {0} ya existe, \u00BFdesea sobrescribirlo? [no]:  "},
+        {"Too.many.failures.try.later", "Demasiados fallos; int\u00E9ntelo m\u00E1s adelante"},
+        {"Certification.request.stored.in.file.filename.",
+                "Solicitud de certificaci\u00F3n almacenada en el archivo <{0}>"},
+        {"Submit.this.to.your.CA", "Enviar a la CA"},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
+            "si no se especifica el alias, no se puede especificar destalias, srckeypass ni destkeypass"},
+        {"Certificate.stored.in.file.filename.",
+                "Certificado almacenado en el archivo <{0}>"},
+        {"Certificate.reply.was.installed.in.keystore",
+                "Se ha instalado la respuesta del certificado en el almac\u00E9n de claves"},
+        {"Certificate.reply.was.not.installed.in.keystore",
+                "No se ha instalado la respuesta del certificado en el almac\u00E9n de claves"},
+        {"Certificate.was.added.to.keystore",
+                "Se ha agregado el certificado al almac\u00E9n de claves"},
+        {"Certificate.was.not.added.to.keystore",
+                "No se ha agregado el certificado al almac\u00E9n de claves"},
+        {".Storing.ksfname.", "[Almacenando {0}]"},
+        {"alias.has.no.public.key.certificate.",
+                "{0} no tiene clave p\u00FAblica (certificado)"},
+        {"Cannot.derive.signature.algorithm",
+                "No se puede derivar el algoritmo de firma"},
+        {"Alias.alias.does.not.exist",
+                "El alias <{0}> no existe"},
+        {"Alias.alias.has.no.certificate",
+                "El alias <{0}> no tiene certificado"},
+        {"Key.pair.not.generated.alias.alias.already.exists",
+                "No se ha generado el par de claves, el alias <{0}> ya existe"},
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
+                "Generando par de claves {1} de {0} bits para certificado autofirmado ({2}) con una validez de {3} d\u00EDas\n\tpara: {4}"},
+        {"Enter.key.password.for.alias.", "Introduzca la contrase\u00F1a de clave para <{0}>"},
+        {".RETURN.if.same.as.keystore.password.",
+                "\t(INTRO si es la misma contrase\u00F1a que la del almac\u00E9n de claves):  "},
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
+                "La contrase\u00F1a de clave es demasiado corta; debe tener al menos 6 caracteres"},
+        {"Too.many.failures.key.not.added.to.keystore",
+                "Demasiados fallos; no se ha agregado la clave al almac\u00E9n de claves"},
+        {"Destination.alias.dest.already.exists",
+                "El alias de destino <{0}> ya existe"},
+        {"Password.is.too.short.must.be.at.least.6.characters",
+                "La contrase\u00F1a es demasiado corta; debe tener al menos 6 caracteres"},
+        {"Too.many.failures.Key.entry.not.cloned",
+                "Demasiados fallos. No se ha clonado la entrada de clave"},
+        {"key.password.for.alias.", "contrase\u00F1a de clave para <{0}>"},
+        {"Keystore.entry.for.id.getName.already.exists",
+                "La entrada de almac\u00E9n de claves para <{0}> ya existe"},
+        {"Creating.keystore.entry.for.id.getName.",
+                "Creando entrada de almac\u00E9n de claves para <{0}> ..."},
+        {"No.entries.from.identity.database.added",
+                "No se han agregado entradas de la base de datos de identidades"},
+        {"Alias.name.alias", "Nombre de Alias: {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
+                "Fecha de Creaci\u00F3n: {0,date}"},
+        {"alias.keyStore.getCreationDate.alias.",
+                "{0}, {1,date}, "},
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "Tipo de Entrada: {0}"},
+        {"Certificate.chain.length.", "Longitud de la Cadena de Certificado: "},
+        {"Certificate.i.1.", "Certificado[{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "Huella Digital de Certificado (SHA1): "},
+        {"Keystore.type.", "Tipo de Almac\u00E9n de Claves: "},
+        {"Keystore.provider.", "Proveedor de Almac\u00E9n de Claves: "},
+        {"Your.keystore.contains.keyStore.size.entry",
+                "Su almac\u00E9n de claves contiene {0,number,integer} entrada"},
+        {"Your.keystore.contains.keyStore.size.entries",
+                "Su almac\u00E9n de claves contiene {0,number,integer} entradas"},
+        {"Failed.to.parse.input", "Fallo al analizar la entrada"},
+        {"Empty.input", "Entrada vac\u00EDa"},
+        {"Not.X.509.certificate", "No es un certificado X.509"},
+        {"alias.has.no.public.key", "{0} no tiene clave p\u00FAblica"},
+        {"alias.has.no.X.509.certificate", "{0} no tiene certificado X.509"},
+        {"New.certificate.self.signed.", "Nuevo Certificado (Autofirmado):"},
+        {"Reply.has.no.certificates", "La respuesta no tiene certificados"},
+        {"Certificate.not.imported.alias.alias.already.exists",
+                "Certificado no importado, el alias <{0}> ya existe"},
+        {"Input.not.an.X.509.certificate", "La entrada no es un certificado X.509"},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
+                "El certificado ya existe en el almac\u00E9n de claves con el alias <{0}>"},
+        {"Do.you.still.want.to.add.it.no.",
+                "\u00BFA\u00FAn desea agregarlo? [no]:  "},
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
+                "El certificado ya existe en el almac\u00E9n de claves de la CA del sistema, con el alias <{0}>"},
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
+                "\u00BFA\u00FAn desea agregarlo a su propio almac\u00E9n de claves? [no]:  "},
+        {"Trust.this.certificate.no.", "\u00BFConfiar en este certificado? [no]:  "},
+        {"YES", "S\u00ED"},
+        {"New.prompt.", "Nuevo {0}: "},
+        {"Passwords.must.differ", "Las contrase\u00F1as deben ser distintas"},
+        {"Re.enter.new.prompt.", "Vuelva a escribir el nuevo {0}: "},
+        {"Re.enter.new.password.", "Volver a escribir la contrase\u00F1a nueva: "},
+        {"They.don.t.match.Try.again", "No coinciden. Int\u00E9ntelo de nuevo"},
+        {"Enter.prompt.alias.name.", "Escriba el nombre de alias de {0}:  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
+                 "Indique el nuevo nombre de alias\t(INTRO para cancelar la importaci\u00F3n de esta entrada):  "},
+        {"Enter.alias.name.", "Introduzca el nombre de alias:  "},
+        {".RETURN.if.same.as.for.otherAlias.",
+                "\t(INTRO si es el mismo que para <{0}>)"},
+        {".PATTERN.printX509Cert",
+                "Propietario: {0}\nEmisor: {1}\nN\u00FAmero de serie: {2}\nV\u00E1lido desde: {3} hasta: {4}\nHuellas digitales del Certificado:\n\t MD5: {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Nombre del Algoritmo de Firma: {8}\n\t Versi\u00F3n: {9}"},
+        {"What.is.your.first.and.last.name.",
+                "\u00BFCu\u00E1les son su nombre y su apellido?"},
+        {"What.is.the.name.of.your.organizational.unit.",
+                "\u00BFCu\u00E1l es el nombre de su unidad de organizaci\u00F3n?"},
+        {"What.is.the.name.of.your.organization.",
+                "\u00BFCu\u00E1l es el nombre de su organizaci\u00F3n?"},
+        {"What.is.the.name.of.your.City.or.Locality.",
+                "\u00BFCu\u00E1l es el nombre de su ciudad o localidad?"},
+        {"What.is.the.name.of.your.State.or.Province.",
+                "\u00BFCu\u00E1l es el nombre de su estado o provincia?"},
+        {"What.is.the.two.letter.country.code.for.this.unit.",
+                "\u00BFCu\u00E1l es el c\u00F3digo de pa\u00EDs de dos letras de la unidad?"},
+        {"Is.name.correct.", "\u00BFEs correcto {0}?"},
+        {"no", "no"},
+        {"yes", "s\u00ED"},
+        {"y", "s"},
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
+                "El alias <{0}> no tiene clave"},
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
+                 "El alias <{0}> hace referencia a un tipo de entrada que no es una clave privada. El comando -keyclone s\u00F3lo permite la clonaci\u00F3n de entradas de claves privadas"},
+
+        {".WARNING.WARNING.WARNING.",
+            "*****************  Advertencia Advertencia Advertencia  *****************"},
+        {"Signer.d.", "#%d de Firmante:"},
+        {"Timestamp.", "Registro de Hora:"},
+        {"Signature.", "Firma:"},
+        {"CRLs.", "CRL:"},
+        {"Certificate.owner.", "Propietario del Certificado: "},
+        {"Not.a.signed.jar.file", "No es un archivo jar firmado"},
+        {"No.certificate.from.the.SSL.server",
+                "Ning\u00FAn certificado del servidor SSL"},
+
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
+            "* La integridad de la informaci\u00F3n almacenada en el almac\u00E9n de claves  *\n* NO se ha comprobado.  Para comprobar dicha integridad, *\n* debe proporcionar la contrase\u00F1a del almac\u00E9n de claves.                  *"},
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
+            "* La integridad de la informaci\u00F3n almacenada en srckeystore*\n* NO se ha comprobado.  Para comprobar dicha integridad, *\n* debe proporcionar la contrase\u00F1a de srckeystore.                *"},
+
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
+                "La respuesta de certificado no contiene una clave p\u00FAblica para <{0}>"},
+        {"Incomplete.certificate.chain.in.reply",
+                "Cadena de certificado incompleta en la respuesta"},
+        {"Certificate.chain.in.reply.does.not.verify.",
+                "La cadena de certificado de la respuesta no verifica: "},
+        {"Top.level.certificate.in.reply.",
+                "Certificado de nivel superior en la respuesta:\n"},
+        {".is.not.trusted.", "... no es de confianza. "},
+        {"Install.reply.anyway.no.", "\u00BFInstalar respuesta de todos modos? [no]:  "},
+        {"NO", "No"},
+        {"Public.keys.in.reply.and.keystore.don.t.match",
+                "Las claves p\u00FAblicas en la respuesta y en el almac\u00E9n de claves no coinciden"},
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
+                "La respuesta del certificado y el certificado en el almac\u00E9n de claves son id\u00E9nticos"},
+        {"Failed.to.establish.chain.from.reply",
+                "No se ha podido definir una cadena a partir de la respuesta"},
+        {"n", "n"},
+        {"Wrong.answer.try.again", "Respuesta incorrecta, vuelva a intentarlo"},
+        {"Secret.key.not.generated.alias.alias.already.exists",
+                "No se ha generado la clave secreta, el alias <{0}> ya existe"},
+        {"Please.provide.keysize.for.secret.key.generation",
+                "Proporcione el valor de -keysize para la generaci\u00F3n de claves secretas"},
+
+        {"Extensions.", "Extensiones: "},
+        {".Empty.value.", "(Valor vac\u00EDo)"},
+        {"Extension.Request.", "Solicitud de Extensi\u00F3n:"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
+                "Solicitud de Certificado PKCS #10 (Versi\u00F3n 1.0)\nAsunto: %s\nClave P\u00FAblica: %s formato %s clave\n"},
+        {"Unknown.keyUsage.type.", "Tipo de uso de clave desconocido: "},
+        {"Unknown.extendedkeyUsage.type.", "Tipo de uso de clave extendida desconocido: "},
+        {"Unknown.AccessDescription.type.", "Tipo de descripci\u00F3n de acceso desconocido: "},
+        {"Unrecognized.GeneralName.type.", "Tipo de nombre general no reconocido: "},
+        {"This.extension.cannot.be.marked.as.critical.",
+                 "Esta extensi\u00F3n no se puede marcar como cr\u00EDtica. "},
+        {"Odd.number.of.hex.digits.found.", "Se ha encontrado un n\u00FAmero impar de d\u00EDgitos hexadecimales: "},
+        {"Unknown.extension.type.", "Tipo de extensi\u00F3n desconocida: "},
+        {"command.{0}.is.ambiguous.", "El comando {0} es ambiguo:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Resources_fr.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,431 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the keytool.
+ *
+ */
+public class Resources_fr extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"STAR",
+                "*******************************************"},
+        {"STARNN",
+                "*******************************************\n\n"},
+
+        // keytool: Help part
+// "Option" should be translated.
+        {".OPTION.", " [Option]..."},
+        {"Options.", "Options :"},
+        {"Use.keytool.help.for.all.available.commands",
+                 "Utiliser \"keytool -help\" pour toutes les commandes disponibles"},
+        {"Key.and.Certificate.Management.Tool",
+                 "Outil de gestion de certificats et de cl\u00E9s"},
+        {"Commands.", "Commandes :"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
+                "Utiliser \"keytool -command_name -help\" pour la syntaxe de command_name"},
+        // keytool: help: commands
+        {"Generates.a.certificate.request",
+                "G\u00E9n\u00E8re une demande de certificat"}, //-certreq
+        {"Changes.an.entry.s.alias",
+                "Modifie l'alias d'une entr\u00E9e"}, //-changealias
+        {"Deletes.an.entry",
+                "Supprime une entr\u00E9e"}, //-delete
+        {"Exports.certificate",
+                "Exporte le certificat"}, //-exportcert
+        {"Generates.a.key.pair",
+                "G\u00E9n\u00E8re une paire de cl\u00E9s"}, //-genkeypair
+// translation of "secret" key should be different to "private" key.
+        {"Generates.a.secret.key",
+                "G\u00E9n\u00E8re une cl\u00E9 secr\u00E8te"}, //-genseckey
+        {"Generates.certificate.from.a.certificate.request",
+                "G\u00E9n\u00E8re le certificat \u00E0 partir d'une demande de certificat"}, //-gencert
+        {"Generates.CRL", "G\u00E9n\u00E8re la liste des certificats r\u00E9voqu\u00E9s (CRL)"}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+                "Importe les entr\u00E9es \u00E0 partir d'une base de donn\u00E9es d'identit\u00E9s de type JDK 1.1.x"}, //-identitydb
+        {"Imports.a.certificate.or.a.certificate.chain",
+                "Importe un certificat ou une cha\u00EEne de certificat"}, //-importcert
+        {"Imports.one.or.all.entries.from.another.keystore",
+                "Importe une entr\u00E9e ou la totalit\u00E9 des entr\u00E9es depuis un autre fichier de cl\u00E9s"}, //-importkeystore
+        {"Clones.a.key.entry",
+                "Clone une entr\u00E9e de cl\u00E9"}, //-keyclone
+        {"Changes.the.key.password.of.an.entry",
+                "Modifie le mot de passe de cl\u00E9 d'une entr\u00E9e"}, //-keypasswd
+        {"Lists.entries.in.a.keystore",
+                "R\u00E9pertorie les entr\u00E9es d'un fichier de cl\u00E9s"}, //-list
+        {"Prints.the.content.of.a.certificate",
+                "Imprime le contenu d'un certificat"}, //-printcert
+        {"Prints.the.content.of.a.certificate.request",
+                "Imprime le contenu d'une demande de certificat"}, //-printcertreq
+        {"Prints.the.content.of.a.CRL.file",
+                "Imprime le contenu d'un fichier de liste des certificats r\u00E9voqu\u00E9s (CRL)"}, //-printcrl
+        {"Generates.a.self.signed.certificate",
+                "G\u00E9n\u00E8re un certificat auto-sign\u00E9"}, //-selfcert
+        {"Changes.the.store.password.of.a.keystore",
+                "Modifie le mot de passe de banque d'un fichier de cl\u00E9s"}, //-storepasswd
+        // keytool: help: options
+        {"alias.name.of.the.entry.to.process",
+                "nom d'alias de l'entr\u00E9e \u00E0 traiter"}, //-alias
+        {"destination.alias",
+                "alias de destination"}, //-destalias
+        {"destination.key.password",
+                "mot de passe de la cl\u00E9 de destination"}, //-destkeypass
+        {"destination.keystore.name",
+                "nom du fichier de cl\u00E9s de destination"}, //-destkeystore
+        {"destination.keystore.password.protected",
+                "mot de passe du fichier de cl\u00E9s de destination prot\u00E9g\u00E9"}, //-destprotected
+        {"destination.keystore.provider.name",
+                "nom du fournisseur du fichier de cl\u00E9s de destination"}, //-destprovidername
+        {"destination.keystore.password",
+                "mot de passe du fichier de cl\u00E9s de destination"}, //-deststorepass
+        {"destination.keystore.type",
+                "type du fichier de cl\u00E9s de destination"}, //-deststoretype
+        {"distinguished.name",
+                "nom distinctif"}, //-dname
+        {"X.509.extension",
+                "extension X.509"}, //-ext
+        {"output.file.name",
+                "nom du fichier de sortie"}, //-file and -outfile
+        {"input.file.name",
+                "nom du fichier d'entr\u00E9e"}, //-file and -infile
+        {"key.algorithm.name",
+                "nom de l'algorithme de cl\u00E9"}, //-keyalg
+        {"key.password",
+                "mot de passe de la cl\u00E9"}, //-keypass
+        {"key.bit.size",
+                "taille en bits de la cl\u00E9"}, //-keysize
+        {"keystore.name",
+                "nom du fichier de cl\u00E9s"}, //-keystore
+        {"new.password",
+                "nouveau mot de passe"}, //-new
+        {"do.not.prompt",
+                "ne pas inviter"}, //-noprompt
+        {"password.through.protected.mechanism",
+                "mot de passe via m\u00E9canisme prot\u00E9g\u00E9"}, //-protected
+        {"provider.argument",
+                "argument du fournisseur"}, //-providerarg
+        {"provider.class.name",
+                "nom de la classe de fournisseur"}, //-providerclass
+        {"provider.name",
+                "nom du fournisseur"}, //-providername
+        {"provider.classpath",
+                "variable d'environnement CLASSPATH du fournisseur"}, //-providerpath
+        {"output.in.RFC.style",
+                "sortie au style RFC"}, //-rfc
+        {"signature.algorithm.name",
+                "nom de l'algorithme de signature"}, //-sigalg
+        {"source.alias",
+                "alias source"}, //-srcalias
+        {"source.key.password",
+                "mot de passe de la cl\u00E9 source"}, //-srckeypass
+        {"source.keystore.name",
+                "nom du fichier de cl\u00E9s source"}, //-srckeystore
+        {"source.keystore.password.protected",
+                "mot de passe du fichier de cl\u00E9s source prot\u00E9g\u00E9"}, //-srcprotected
+        {"source.keystore.provider.name",
+                "nom du fournisseur du fichier de cl\u00E9s source"}, //-srcprovidername
+        {"source.keystore.password",
+                "mot de passe du fichier de cl\u00E9s source"}, //-srcstorepass
+        {"source.keystore.type",
+                "type du fichier de cl\u00E9s source"}, //-srcstoretype
+        {"SSL.server.host.and.port",
+                "Port et h\u00F4te du serveur SSL"}, //-sslserver
+        {"signed.jar.file",
+                "fichier JAR sign\u00E9"}, //=jarfile
+        {"certificate.validity.start.date.time",
+                "date/heure de d\u00E9but de validit\u00E9 du certificat"}, //-startdate
+        {"keystore.password",
+                "mot de passe du fichier de cl\u00E9s"}, //-storepass
+        {"keystore.type",
+                "type du fichier de cl\u00E9s"}, //-storetype
+        {"trust.certificates.from.cacerts",
+                "certificats s\u00E9curis\u00E9s issus de certificats CA"}, //-trustcacerts
+        {"verbose.output",
+                "sortie en mode verbose"}, //-v
+        {"validity.number.of.days",
+                "nombre de jours de validit\u00E9"}, //-validity
+        {"Serial.ID.of.cert.to.revoke",
+                 "ID de s\u00E9rie du certificat \u00E0 r\u00E9voquer"}, //-id
+        // keytool: Running part
+        {"keytool.error.", "erreur keytool : "},
+        {"Illegal.option.", "Option non admise :  "},
+        {"Illegal.value.", "Valeur non admise : "},
+        {"Unknown.password.type.", "Type de mot de passe inconnu : "},
+        {"Cannot.find.environment.variable.",
+                "Variable d'environnement introuvable : "},
+        {"Cannot.find.file.", "Fichier introuvable : "},
+        {"Command.option.flag.needs.an.argument.", "L''option de commande {0} requiert un argument."},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
+                "Avertissement\u00A0: les mots de passe de cl\u00E9 et de banque distincts ne sont pas pris en charge pour les fichiers de cl\u00E9s d''acc\u00E8s PKCS12. La valeur {0} sp\u00E9cifi\u00E9e par l''utilisateur est ignor\u00E9e."},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "-keystore doit \u00EAtre d\u00E9fini sur NONE si -storetype est {0}"},
+        {"Too.many.retries.program.terminated",
+                 "Trop de tentatives, fin du programme"},
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
+                "Les commandes -storepasswd et -keypasswd ne sont pas prises en charge si -storetype est d\u00E9fini sur {0}"},
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
+                "Les commandes -keypasswd ne sont pas prises en charge si -storetype est d\u00E9fini sur PKCS12"},
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
+                "Les commandes -keypass et -new ne peuvent pas \u00EAtre sp\u00E9cifi\u00E9es si -storetype est d\u00E9fini sur {0}"},
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
+                "si -protected est sp\u00E9cifi\u00E9, -storepass, -keypass et -new ne doivent pas \u00EAtre indiqu\u00E9s"},
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "Si -srcprotected est indiqu\u00E9, les commandes -srcstorepass et -srckeypass ne doivent pas \u00EAtre sp\u00E9cifi\u00E9es"},
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
+                "Si le fichier de cl\u00E9s n'est pas prot\u00E9g\u00E9 par un mot de passe, les commandes -storepass, -keypass et -new ne doivent pas \u00EAtre sp\u00E9cifi\u00E9es"},
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "Si le fichier de cl\u00E9s source n'est pas prot\u00E9g\u00E9 par un mot de passe, les commandes -srcstorepass et -srckeypass ne doivent pas \u00EAtre sp\u00E9cifi\u00E9es"},
+        {"Illegal.startdate.value", "Valeur de date de d\u00E9but non admise"},
+        {"Validity.must.be.greater.than.zero",
+                "La validit\u00E9 doit \u00EAtre sup\u00E9rieure \u00E0 z\u00E9ro"},
+        {"provName.not.a.provider", "{0} n''est pas un fournisseur"},
+        {"Usage.error.no.command.provided", "Erreur de syntaxe\u00A0: aucune commande fournie"},
+        {"Source.keystore.file.exists.but.is.empty.", "Le fichier de cl\u00E9s source existe mais il est vide : "},
+        {"Please.specify.srckeystore", "Indiquez -srckeystore"},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
+                "-v et -rfc ne doivent pas \u00EAtre sp\u00E9cifi\u00E9s avec la commande 'list'"},
+        {"Key.password.must.be.at.least.6.characters",
+                "Un mot de passe de cl\u00E9 doit comporter au moins 6 caract\u00E8res"},
+        {"New.password.must.be.at.least.6.characters",
+                "Le nouveau mot de passe doit comporter au moins 6 caract\u00E8res"},
+        {"Keystore.file.exists.but.is.empty.",
+                "Fichier de cl\u00E9s existant mais vide : "},
+        {"Keystore.file.does.not.exist.",
+                "Le fichier de cl\u00E9s n'existe pas : "},
+        {"Must.specify.destination.alias", "L'alias de destination doit \u00EAtre sp\u00E9cifi\u00E9"},
+        {"Must.specify.alias", "L'alias doit \u00EAtre sp\u00E9cifi\u00E9"},
+        {"Keystore.password.must.be.at.least.6.characters",
+                "Un mot de passe de fichier de cl\u00E9s doit comporter au moins 6 caract\u00E8res"},
+        {"Enter.keystore.password.", "Entrez le mot de passe du fichier de cl\u00E9s :  "},
+        {"Enter.source.keystore.password.", "Entrez le mot de passe du fichier de cl\u00E9s source\u00A0:  "},
+        {"Enter.destination.keystore.password.", "Entrez le mot de passe du fichier de cl\u00E9s de destination\u00A0:  "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
+         "Le mot de passe du fichier de cl\u00E9s est trop court : il doit comporter au moins 6 caract\u00E8res"},
+        {"Unknown.Entry.Type", "Type d'entr\u00E9e inconnu"},
+        {"Too.many.failures.Alias.not.changed", "Trop d'erreurs. Alias non modifi\u00E9"},
+        {"Entry.for.alias.alias.successfully.imported.",
+                 "L''entr\u00E9e de l''alias {0} a \u00E9t\u00E9 import\u00E9e."},
+        {"Entry.for.alias.alias.not.imported.", "L''entr\u00E9e de l''alias {0} n''a pas \u00E9t\u00E9 import\u00E9e."},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
+                 "Probl\u00E8me lors de l''import de l''entr\u00E9e de l''alias {0}\u00A0: {1}.\nL''entr\u00E9e de l''alias {0} n''a pas \u00E9t\u00E9 import\u00E9e."},
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
+                 "Commande d''import ex\u00E9cut\u00E9e\u00A0: {0} entr\u00E9es import\u00E9es, \u00E9chec ou annulation de {1} entr\u00E9es"},
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
+                 "Avertissement\u00A0: l''alias {0} existant sera remplac\u00E9 dans le fichier de cl\u00E9s d''acc\u00E8s de destination"},
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
+                 "L''alias d''entr\u00E9e {0} existe d\u00E9j\u00E0. Voulez-vous le remplacer ? [non]\u00A0:  "},
+        {"Too.many.failures.try.later", "Trop d'erreurs. R\u00E9essayez plus tard"},
+        {"Certification.request.stored.in.file.filename.",
+                "Demande de certification stock\u00E9e dans le fichier <{0}>"},
+        {"Submit.this.to.your.CA", "Soumettre \u00E0 votre CA"},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
+            "si l'alias n'est pas sp\u00E9cifi\u00E9, destalias, srckeypass et destkeypass ne doivent pas \u00EAtre sp\u00E9cifi\u00E9s"},
+        {"Certificate.stored.in.file.filename.",
+                "Certificat stock\u00E9 dans le fichier <{0}>"},
+        {"Certificate.reply.was.installed.in.keystore",
+                "R\u00E9ponse de certificat install\u00E9e dans le fichier de cl\u00E9s"},
+        {"Certificate.reply.was.not.installed.in.keystore",
+                "R\u00E9ponse de certificat non install\u00E9e dans le fichier de cl\u00E9s"},
+        {"Certificate.was.added.to.keystore",
+                "Certificat ajout\u00E9 au fichier de cl\u00E9s"},
+        {"Certificate.was.not.added.to.keystore",
+                "Certificat non ajout\u00E9 au fichier de cl\u00E9s"},
+        {".Storing.ksfname.", "[Stockage de {0}]"},
+        {"alias.has.no.public.key.certificate.",
+                "{0} ne poss\u00E8de pas de cl\u00E9 publique (certificat)"},
+        {"Cannot.derive.signature.algorithm",
+                "Impossible de d\u00E9duire l'algorithme de signature"},
+        {"Alias.alias.does.not.exist",
+                "L''alias <{0}> n''existe pas"},
+        {"Alias.alias.has.no.certificate",
+                "L''alias <{0}> ne poss\u00E8de pas de certificat"},
+        {"Key.pair.not.generated.alias.alias.already.exists",
+                "Paire de cl\u00E9s non g\u00E9n\u00E9r\u00E9e, l''alias <{0}> existe d\u00E9j\u00E0"},
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
+                "G\u00E9n\u00E9ration d''une paire de cl\u00E9s {1} de {0} bits et d''un certificat auto-sign\u00E9 ({2}) d''une validit\u00E9 de {3} jours\n\tpour : {4}"},
+        {"Enter.key.password.for.alias.", "Entrez le mot de passe de la cl\u00E9 pour <{0}>"},
+        {".RETURN.if.same.as.keystore.password.",
+                "\t(appuyez sur Entr\u00E9e s'il s'agit du mot de passe du fichier de cl\u00E9s) :  "},
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
+                "Le mot de passe de la cl\u00E9 est trop court : il doit comporter au moins 6 caract\u00E8res"},
+        {"Too.many.failures.key.not.added.to.keystore",
+                "Trop d'erreurs. Cl\u00E9 non ajout\u00E9e au fichier de cl\u00E9s"},
+        {"Destination.alias.dest.already.exists",
+                "L''alias de la destination <{0}> existe d\u00E9j\u00E0"},
+        {"Password.is.too.short.must.be.at.least.6.characters",
+                "Le mot de passe est trop court : il doit comporter au moins 6 caract\u00E8res"},
+        {"Too.many.failures.Key.entry.not.cloned",
+                "Trop d'erreurs. Entr\u00E9e de cl\u00E9 non clon\u00E9e"},
+        {"key.password.for.alias.", "mot de passe de cl\u00E9 pour <{0}>"},
+        {"Keystore.entry.for.id.getName.already.exists",
+                "L''entr\u00E9e de fichier de cl\u00E9s d''acc\u00E8s pour <{0}> existe d\u00E9j\u00E0"},
+        {"Creating.keystore.entry.for.id.getName.",
+                "Cr\u00E9ation d''une entr\u00E9e de fichier de cl\u00E9s d''acc\u00E8s pour <{0}>..."},
+        {"No.entries.from.identity.database.added",
+                "Aucune entr\u00E9e ajout\u00E9e \u00E0 partir de la base de donn\u00E9es d'identit\u00E9s"},
+        {"Alias.name.alias", "Nom d''alias : {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
+                "Date de cr\u00E9ation : {0,date}"},
+        {"alias.keyStore.getCreationDate.alias.",
+                "{0}, {1,date}, "},
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "Type d''entr\u00E9e\u00A0: {0}"},
+        {"Certificate.chain.length.", "Longueur de cha\u00EEne du certificat : "},
+        {"Certificate.i.1.", "Certificat[{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "Empreinte du certificat (SHA1) : "},
+        {"Keystore.type.", "Type de fichier de cl\u00E9s : "},
+        {"Keystore.provider.", "Fournisseur de fichier de cl\u00E9s : "},
+        {"Your.keystore.contains.keyStore.size.entry",
+                "Votre fichier de cl\u00E9s d''acc\u00E8s contient {0,number,integer} entr\u00E9e"},
+        {"Your.keystore.contains.keyStore.size.entries",
+                "Votre fichier de cl\u00E9s d''acc\u00E8s contient {0,number,integer} entr\u00E9es"},
+        {"Failed.to.parse.input", "L'analyse de l'entr\u00E9e a \u00E9chou\u00E9"},
+        {"Empty.input", "Entr\u00E9e vide"},
+        {"Not.X.509.certificate", "Pas un certificat X.509"},
+        {"alias.has.no.public.key", "{0} ne poss\u00E8de pas de cl\u00E9 publique"},
+        {"alias.has.no.X.509.certificate", "{0} ne poss\u00E8de pas de certificat X.509"},
+        {"New.certificate.self.signed.", "Nouveau certificat (auto-sign\u00E9) :"},
+        {"Reply.has.no.certificates", "La r\u00E9ponse n'a pas de certificat"},
+        {"Certificate.not.imported.alias.alias.already.exists",
+                "Certificat non import\u00E9, l''alias <{0}> existe d\u00E9j\u00E0"},
+        {"Input.not.an.X.509.certificate", "L'entr\u00E9e n'est pas un certificat X.509"},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
+                "Le certificat existe d\u00E9j\u00E0 dans le fichier de cl\u00E9s d''acc\u00E8s sous l''alias <{0}>"},
+        {"Do.you.still.want.to.add.it.no.",
+                "Voulez-vous toujours l'ajouter ? [non] :  "},
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
+                "Le certificat existe d\u00E9j\u00E0 dans le fichier de cl\u00E9s d''acc\u00E8s CA syst\u00E8me sous l''alias <{0}>"},
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
+                "Voulez-vous toujours l'ajouter \u00E0 votre fichier de cl\u00E9s ? [non] :  "},
+        {"Trust.this.certificate.no.", "Faire confiance \u00E0 ce certificat ? [non] :  "},
+        {"YES", "Oui"},
+        {"New.prompt.", "Nouveau {0} : "},
+        {"Passwords.must.differ", "Les mots de passe doivent diff\u00E9rer"},
+        {"Re.enter.new.prompt.", "Indiquez encore le nouveau {0} : "},
+        {"Re.enter.new.password.", "Ressaisissez le nouveau mot de passe : "},
+        {"They.don.t.match.Try.again", "Ils sont diff\u00E9rents. R\u00E9essayez."},
+        {"Enter.prompt.alias.name.", "Indiquez le nom d''alias {0} :  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
+                 "Saisissez le nom du nouvel alias\t(ou appuyez sur Entr\u00E9e pour annuler l'import de cette entr\u00E9e)\u00A0:  "},
+        {"Enter.alias.name.", "Indiquez le nom d'alias :  "},
+        {".RETURN.if.same.as.for.otherAlias.",
+                "\t(appuyez sur Entr\u00E9e si le r\u00E9sultat est identique \u00E0 <{0}>)"},
+        {".PATTERN.printX509Cert",
+                "Propri\u00E9taire : {0}\nEmetteur : {1}\nNum\u00E9ro de s\u00E9rie : {2}\nValide du : {3} au : {4}\nEmpreintes du certificat :\n\t MD5:  {5}\n\t SHA1 : {6}\n\t SHA256 : {7}\n\t Nom de l''algorithme de signature : {8}\n\t Version : {9}"},
+        {"What.is.your.first.and.last.name.",
+                "Quels sont vos nom et pr\u00E9nom ?"},
+        {"What.is.the.name.of.your.organizational.unit.",
+                "Quel est le nom de votre unit\u00E9 organisationnelle ?"},
+        {"What.is.the.name.of.your.organization.",
+                "Quel est le nom de votre entreprise ?"},
+        {"What.is.the.name.of.your.City.or.Locality.",
+                "Quel est le nom de votre ville de r\u00E9sidence ?"},
+        {"What.is.the.name.of.your.State.or.Province.",
+                "Quel est le nom de votre \u00E9tat ou province ?"},
+        {"What.is.the.two.letter.country.code.for.this.unit.",
+                "Quel est le code pays \u00E0 deux lettres pour cette unit\u00E9 ?"},
+        {"Is.name.correct.", "Est-ce {0} ?"},
+        {"no", "non"},
+        {"yes", "oui"},
+        {"y", "o"},
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
+                "L''alias <{0}> n''est associ\u00E9 \u00E0 aucune cl\u00E9"},
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
+                 "L''entr\u00E9e \u00E0 laquelle l''alias <{0}> fait r\u00E9f\u00E9rence n''est pas une entr\u00E9e de type cl\u00E9 priv\u00E9e. La commande -keyclone prend uniquement en charge le clonage des cl\u00E9s priv\u00E9es"},
+
+        {".WARNING.WARNING.WARNING.",
+            "*****************  Avertissement Avertissement Avertissement  *****************"},
+        {"Signer.d.", "Signataire n\u00B0%d :"},
+        {"Timestamp.", "Horodatage :"},
+        {"Signature.", "Signature :"},
+        {"CRLs.", "Listes des certificats r\u00E9voqu\u00E9s (CRL) :"},
+        {"Certificate.owner.", "Propri\u00E9taire du certificat : "},
+        {"Not.a.signed.jar.file", "Fichier JAR non sign\u00E9"},
+        {"No.certificate.from.the.SSL.server",
+                "Aucun certificat du serveur SSL"},
+
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
+            "* L'int\u00E9grit\u00E9 des informations stock\u00E9es dans votre fichier de cl\u00E9s  *\n* n'a PAS \u00E9t\u00E9 v\u00E9rifi\u00E9e. Pour cela, *\n* vous devez fournir le mot de passe de votre fichier de cl\u00E9s.                  *"},
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
+            "* L'int\u00E9grit\u00E9 des informations stock\u00E9es dans le fichier de cl\u00E9s source  *\n* n'a PAS \u00E9t\u00E9 v\u00E9rifi\u00E9e. Pour cela, *\n* vous devez fournir le mot de passe de votre fichier de cl\u00E9s source.                  *"},
+
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
+                "La r\u00E9ponse au certificat ne contient pas de cl\u00E9 publique pour <{0}>"},
+        {"Incomplete.certificate.chain.in.reply",
+                "Cha\u00EEne de certificat incompl\u00E8te dans la r\u00E9ponse"},
+        {"Certificate.chain.in.reply.does.not.verify.",
+                "La cha\u00EEne de certificat de la r\u00E9ponse ne concorde pas : "},
+        {"Top.level.certificate.in.reply.",
+                "Certificat de niveau sup\u00E9rieur dans la r\u00E9ponse :\n"},
+        {".is.not.trusted.", "... non s\u00E9curis\u00E9. "},
+        {"Install.reply.anyway.no.", "Installer la r\u00E9ponse quand m\u00EAme ? [non] :  "},
+        {"NO", "Non"},
+        {"Public.keys.in.reply.and.keystore.don.t.match",
+                "Les cl\u00E9s publiques de la r\u00E9ponse et du fichier de cl\u00E9s ne concordent pas"},
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
+                "La r\u00E9ponse au certificat et le certificat du fichier de cl\u00E9s sont identiques"},
+        {"Failed.to.establish.chain.from.reply",
+                "Impossible de cr\u00E9er une cha\u00EEne \u00E0 partir de la r\u00E9ponse"},
+        {"n", "n"},
+        {"Wrong.answer.try.again", "R\u00E9ponse incorrecte, recommencez"},
+        {"Secret.key.not.generated.alias.alias.already.exists",
+                "Cl\u00E9 secr\u00E8te non g\u00E9n\u00E9r\u00E9e, l''alias <{0}> existe d\u00E9j\u00E0"},
+        {"Please.provide.keysize.for.secret.key.generation",
+                "Indiquez -keysize pour la g\u00E9n\u00E9ration de la cl\u00E9 secr\u00E8te"},
+
+        {"Extensions.", "Extensions\u00A0: "},
+        {".Empty.value.", "(Valeur vide)"},
+        {"Extension.Request.", "Demande d'extension :"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
+                "Demande de certificat PKCS #10 (version 1.0)\nSujet : %s\nCl\u00E9 publique : format %s pour la cl\u00E9 %s\n"},
+        {"Unknown.keyUsage.type.", "Type keyUsage inconnu : "},
+        {"Unknown.extendedkeyUsage.type.", "Type extendedkeyUsage inconnu : "},
+        {"Unknown.AccessDescription.type.", "Type AccessDescription inconnu : "},
+        {"Unrecognized.GeneralName.type.", "Type GeneralName non reconnu : "},
+        {"This.extension.cannot.be.marked.as.critical.",
+                 "Cette extension ne peut pas \u00EAtre marqu\u00E9e comme critique. "},
+        {"Odd.number.of.hex.digits.found.", "Nombre impair de chiffres hexad\u00E9cimaux trouv\u00E9 : "},
+        {"Unknown.extension.type.", "Type d'extension inconnu : "},
+        {"command.{0}.is.ambiguous.", "commande {0} ambigu\u00EB :"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Resources_it.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,431 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the keytool.
+ *
+ */
+public class Resources_it extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"STAR",
+                "*******************************************"},
+        {"STARNN",
+                "*******************************************\n\n"},
+
+        // keytool: Help part
+// "Option" should be translated.
+        {".OPTION.", " [Opzione]..."},
+        {"Options.", "Opzioni:"},
+        {"Use.keytool.help.for.all.available.commands",
+                 "Utilizzare \"keytool -help\" per visualizzare tutti i comandi disponibili"},
+        {"Key.and.Certificate.Management.Tool",
+                 "Strumento di gestione di chiavi e certificati"},
+        {"Commands.", "Comandi:"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
+                "Utilizzare \"keytool -command_name -help\" per informazioni sull'uso di command_name"},
+        // keytool: help: commands
+        {"Generates.a.certificate.request",
+                "Genera una richiesta di certificato"}, //-certreq
+        {"Changes.an.entry.s.alias",
+                "Modifica l'alias di una voce"}, //-changealias
+        {"Deletes.an.entry",
+                "Elimina una voce"}, //-delete
+        {"Exports.certificate",
+                "Esporta il certificato"}, //-exportcert
+        {"Generates.a.key.pair",
+                "Genera una coppia di chiavi"}, //-genkeypair
+// translation of "secret" key should be different to "private" key.
+        {"Generates.a.secret.key",
+                "Genera una chiave segreta"}, //-genseckey
+        {"Generates.certificate.from.a.certificate.request",
+                "Genera un certificato da una richiesta di certificato"}, //-gencert
+        {"Generates.CRL", "Genera CRL"}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+                "Importa le voci da un database delle identit\u00E0 di tipo JDK 1.1.x"}, //-identitydb
+        {"Imports.a.certificate.or.a.certificate.chain",
+                "Importa un certificato o una catena di certificati"}, //-importcert
+        {"Imports.one.or.all.entries.from.another.keystore",
+                "Importa una o tutte le voci da un altro keystore"}, //-importkeystore
+        {"Clones.a.key.entry",
+                "Duplica una voce di chiave"}, //-keyclone
+        {"Changes.the.key.password.of.an.entry",
+                "Modifica la password della chiave per una voce"}, //-keypasswd
+        {"Lists.entries.in.a.keystore",
+                "Elenca le voci in un keystore"}, //-list
+        {"Prints.the.content.of.a.certificate",
+                "Visualizza i contenuti di un certificato"}, //-printcert
+        {"Prints.the.content.of.a.certificate.request",
+                "Visualizza i contenuti di una richiesta di certificato"}, //-printcertreq
+        {"Prints.the.content.of.a.CRL.file",
+                "Visualizza i contenuti di un file CRL"}, //-printcrl
+        {"Generates.a.self.signed.certificate",
+                "Genera certificato con firma automatica"}, //-selfcert
+        {"Changes.the.store.password.of.a.keystore",
+                "Modifica la password di area di memorizzazione di un keystore"}, //-storepasswd
+        // keytool: help: options
+        {"alias.name.of.the.entry.to.process",
+                "nome alias della voce da elaborare"}, //-alias
+        {"destination.alias",
+                "alias di destinazione"}, //-destalias
+        {"destination.key.password",
+                "password chiave di destinazione"}, //-destkeypass
+        {"destination.keystore.name",
+                "nome keystore di destinazione"}, //-destkeystore
+        {"destination.keystore.password.protected",
+                "password keystore di destinazione protetta"}, //-destprotected
+        {"destination.keystore.provider.name",
+                "nome provider keystore di destinazione"}, //-destprovidername
+        {"destination.keystore.password",
+                "password keystore di destinazione"}, //-deststorepass
+        {"destination.keystore.type",
+                "tipo keystore di destinazione"}, //-deststoretype
+        {"distinguished.name",
+                "nome distinto"}, //-dname
+        {"X.509.extension",
+                "estensione X.509"}, //-ext
+        {"output.file.name",
+                "nome file di output"}, //-file and -outfile
+        {"input.file.name",
+                "nome file di input"}, //-file and -infile
+        {"key.algorithm.name",
+                "nome algoritmo chiave"}, //-keyalg
+        {"key.password",
+                "password chiave"}, //-keypass
+        {"key.bit.size",
+                "dimensione bit chiave"}, //-keysize
+        {"keystore.name",
+                "nome keystore"}, //-keystore
+        {"new.password",
+                "nuova password"}, //-new
+        {"do.not.prompt",
+                "non richiedere"}, //-noprompt
+        {"password.through.protected.mechanism",
+                "password mediante meccanismo protetto"}, //-protected
+        {"provider.argument",
+                "argomento provider"}, //-providerarg
+        {"provider.class.name",
+                "nome classe provider"}, //-providerclass
+        {"provider.name",
+                "nome provider"}, //-providername
+        {"provider.classpath",
+                "classpath provider"}, //-providerpath
+        {"output.in.RFC.style",
+                "output in stile RFC"}, //-rfc
+        {"signature.algorithm.name",
+                "nome algoritmo firma"}, //-sigalg
+        {"source.alias",
+                "alias origine"}, //-srcalias
+        {"source.key.password",
+                "password chiave di origine"}, //-srckeypass
+        {"source.keystore.name",
+                "nome keystore di origine"}, //-srckeystore
+        {"source.keystore.password.protected",
+                "password keystore di origine protetta"}, //-srcprotected
+        {"source.keystore.provider.name",
+                "nome provider keystore di origine"}, //-srcprovidername
+        {"source.keystore.password",
+                "password keystore di origine"}, //-srcstorepass
+        {"source.keystore.type",
+                "tipo keystore di origine"}, //-srcstoretype
+        {"SSL.server.host.and.port",
+                "host e porta server SSL"}, //-sslserver
+        {"signed.jar.file",
+                "file jar firmato"}, //=jarfile
+        {"certificate.validity.start.date.time",
+                "data/ora di inizio validit\u00E0 certificato"}, //-startdate
+        {"keystore.password",
+                "password keystore"}, //-storepass
+        {"keystore.type",
+                "tipo keystore"}, //-storetype
+        {"trust.certificates.from.cacerts",
+                "considera sicuri i certificati da cacerts"}, //-trustcacerts
+        {"verbose.output",
+                "output descrittivo"}, //-v
+        {"validity.number.of.days",
+                "numero di giorni di validit\u00E0"}, //-validity
+        {"Serial.ID.of.cert.to.revoke",
+                 "ID seriale del certificato da revocare"}, //-id
+        // keytool: Running part
+        {"keytool.error.", "Errore keytool: "},
+        {"Illegal.option.", "Opzione non valida:  "},
+        {"Illegal.value.", "Valore non valido: "},
+        {"Unknown.password.type.", "Tipo di password sconosciuto: "},
+        {"Cannot.find.environment.variable.",
+                "Impossibile trovare la variabile di ambiente: "},
+        {"Cannot.find.file.", "Impossibile trovare il file: "},
+        {"Command.option.flag.needs.an.argument.", "\u00C8 necessario specificare un argomento per l''opzione di comando {0}."},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
+                "Avvertenza: non sono supportate password diverse di chiave e di archivio per i keystore PKCS12. Il valore {0} specificato dall''utente verr\u00E0 ignorato."},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "Se -storetype \u00E8 impostato su {0}, -keystore deve essere impostato su NONE"},
+        {"Too.many.retries.program.terminated",
+                 "Il numero dei tentativi consentiti \u00E8 stato superato. Il programma verr\u00E0 terminato."},
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
+                "Se -storetype \u00E8 impostato su {0}, i comandi -storepasswd e -keypasswd non sono supportati"},
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
+                "Se -storetype \u00E8 impostato su PKCS12 i comandi -keypasswd non vengono supportati"},
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
+                "Se -storetype \u00E8 impostato su {0}, non \u00E8 possibile specificare un valore per -keypass e -new"},
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
+                "Se \u00E8 specificata l'opzione -protected, le opzioni -storepass, -keypass e -new non possono essere specificate"},
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "Se viene specificato -srcprotected, -srcstorepass e -srckeypass non dovranno essere specificati"},
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
+                "Se il file keystore non \u00E8 protetto da password, non deve essere specificato alcun valore per -storepass, -keypass e -new"},
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "Se il file keystore non \u00E8 protetto da password, non deve essere specificato alcun valore per -srcstorepass e -srckeypass"},
+        {"Illegal.startdate.value", "Valore di data di inizio non valido"},
+        {"Validity.must.be.greater.than.zero",
+                "La validit\u00E0 deve essere maggiore di zero"},
+        {"provName.not.a.provider", "{0} non \u00E8 un provider"},
+        {"Usage.error.no.command.provided", "Errore di utilizzo: nessun comando specificato"},
+        {"Source.keystore.file.exists.but.is.empty.", "Il file keystore di origine esiste, ma \u00E8 vuoto: "},
+        {"Please.specify.srckeystore", "Specificare -srckeystore"},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
+                "Impossibile specificare sia -v sia -rfc con il comando 'list'"},
+        {"Key.password.must.be.at.least.6.characters",
+                "La password della chiave deve contenere almeno 6 caratteri"},
+        {"New.password.must.be.at.least.6.characters",
+                "La nuova password deve contenere almeno 6 caratteri"},
+        {"Keystore.file.exists.but.is.empty.",
+                "Il file keystore esiste ma \u00E8 vuoto: "},
+        {"Keystore.file.does.not.exist.",
+                "Il file keystore non esiste: "},
+        {"Must.specify.destination.alias", "\u00C8 necessario specificare l'alias di destinazione"},
+        {"Must.specify.alias", "\u00C8 necessario specificare l'alias"},
+        {"Keystore.password.must.be.at.least.6.characters",
+                "La password del keystore deve contenere almeno 6 caratteri"},
+        {"Enter.keystore.password.", "Immettere la password del keystore:  "},
+        {"Enter.source.keystore.password.", "Immettere la password del keystore di origine:  "},
+        {"Enter.destination.keystore.password.", "Immettere la password del keystore di destinazione:  "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
+         "La password del keystore \u00E8 troppo corta - deve contenere almeno 6 caratteri"},
+        {"Unknown.Entry.Type", "Tipo di voce sconosciuto"},
+        {"Too.many.failures.Alias.not.changed", "Numero eccessivo di errori. L'alias non \u00E8 stato modificato."},
+        {"Entry.for.alias.alias.successfully.imported.",
+                 "La voce dell''alias {0} \u00E8 stata importata."},
+        {"Entry.for.alias.alias.not.imported.", "La voce dell''alias {0} non \u00E8 stata importata."},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
+                 "Si \u00E8 verificato un problema durante l''importazione della voce dell''alias {0}: {1}.\nLa voce dell''alias {0} non \u00E8 stata importata."},
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
+                 "Comando di importazione completato: {0} voce/i importata/e, {1} voce/i non importata/e o annullata/e"},
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
+                 "Avvertenza: sovrascrittura in corso dell''alias {0} nel file keystore di destinazione"},
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
+                 "La voce dell''alias {0} esiste gi\u00E0. Sovrascrivere? [no]:  "},
+        {"Too.many.failures.try.later", "Troppi errori - riprovare"},
+        {"Certification.request.stored.in.file.filename.",
+                "La richiesta di certificazione \u00E8 memorizzata nel file <{0}>"},
+        {"Submit.this.to.your.CA", "Sottomettere alla propria CA"},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
+            "Se l'alias non \u00E8 specificato, destalias, srckeypass e destkeypass non dovranno essere specificati"},
+        {"Certificate.stored.in.file.filename.",
+                "Il certificato \u00E8 memorizzato nel file <{0}>"},
+        {"Certificate.reply.was.installed.in.keystore",
+                "La risposta del certificato \u00E8 stata installata nel keystore"},
+        {"Certificate.reply.was.not.installed.in.keystore",
+                "La risposta del certificato non \u00E8 stata installata nel keystore"},
+        {"Certificate.was.added.to.keystore",
+                "Il certificato \u00E8 stato aggiunto al keystore"},
+        {"Certificate.was.not.added.to.keystore",
+                "Il certificato non \u00E8 stato aggiunto al keystore"},
+        {".Storing.ksfname.", "[Memorizzazione di {0}] in corso"},
+        {"alias.has.no.public.key.certificate.",
+                "{0} non dispone di chiave pubblica (certificato)"},
+        {"Cannot.derive.signature.algorithm",
+                "Impossibile derivare l'algoritmo di firma"},
+        {"Alias.alias.does.not.exist",
+                "L''alias <{0}> non esiste"},
+        {"Alias.alias.has.no.certificate",
+                "L''alias <{0}> non dispone di certificato"},
+        {"Key.pair.not.generated.alias.alias.already.exists",
+                "Non \u00E8 stata generata la coppia di chiavi, l''alias <{0}> \u00E8 gi\u00E0 esistente"},
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
+                "Generazione in corso di una coppia di chiavi {1} da {0} bit e di un certificato autofirmato ({2}) con una validit\u00E0 di {3} giorni\n\tper: {4}"},
+        {"Enter.key.password.for.alias.", "Immettere la password della chiave per <{0}>"},
+        {".RETURN.if.same.as.keystore.password.",
+                "\t(INVIO se corrisponde alla password del keystore):  "},
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
+                "La password della chiave \u00E8 troppo corta - deve contenere almeno 6 caratteri"},
+        {"Too.many.failures.key.not.added.to.keystore",
+                "Troppi errori - la chiave non \u00E8 stata aggiunta al keystore"},
+        {"Destination.alias.dest.already.exists",
+                "L''alias di destinazione <{0}> \u00E8 gi\u00E0 esistente"},
+        {"Password.is.too.short.must.be.at.least.6.characters",
+                "La password \u00E8 troppo corta - deve contenere almeno 6 caratteri"},
+        {"Too.many.failures.Key.entry.not.cloned",
+                "Numero eccessivo di errori. Il valore della chiave non \u00E8 stato copiato."},
+        {"key.password.for.alias.", "password della chiave per <{0}>"},
+        {"Keystore.entry.for.id.getName.already.exists",
+                "La voce del keystore per <{0}> esiste gi\u00E0"},
+        {"Creating.keystore.entry.for.id.getName.",
+                "Creazione della voce del keystore per <{0}> in corso..."},
+        {"No.entries.from.identity.database.added",
+                "Nessuna voce aggiunta dal database delle identit\u00E0"},
+        {"Alias.name.alias", "Nome alias: {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
+                "Data di creazione: {0,date}"},
+        {"alias.keyStore.getCreationDate.alias.",
+                "{0}, {1,date}, "},
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "Tipo di voce: {0}"},
+        {"Certificate.chain.length.", "Lunghezza catena certificati: "},
+        {"Certificate.i.1.", "Certificato[{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "Impronta digitale certificato (SHA1): "},
+        {"Keystore.type.", "Tipo keystore: "},
+        {"Keystore.provider.", "Provider keystore: "},
+        {"Your.keystore.contains.keyStore.size.entry",
+                "Il keystore contiene {0,number,integer} voce"},
+        {"Your.keystore.contains.keyStore.size.entries",
+                "Il keystore contiene {0,number,integer} voci"},
+        {"Failed.to.parse.input", "Impossibile analizzare l'input"},
+        {"Empty.input", "Input vuoto"},
+        {"Not.X.509.certificate", "Il certificato non \u00E8 X.509"},
+        {"alias.has.no.public.key", "{0} non dispone di chiave pubblica"},
+        {"alias.has.no.X.509.certificate", "{0} non dispone di certificato X.509"},
+        {"New.certificate.self.signed.", "Nuovo certificato (autofirmato):"},
+        {"Reply.has.no.certificates", "La risposta non dispone di certificati"},
+        {"Certificate.not.imported.alias.alias.already.exists",
+                "Impossibile importare il certificato, l''alias <{0}> \u00E8 gi\u00E0 esistente"},
+        {"Input.not.an.X.509.certificate", "L'input non \u00E8 un certificato X.509"},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
+                "Il certificato esiste gi\u00E0 nel keystore con alias <{0}>"},
+        {"Do.you.still.want.to.add.it.no.",
+                "Aggiungerlo ugualmente? [no]:  "},
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
+                "Il certificato esiste gi\u00E0 nel keystore CA con alias <{0}>"},
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
+                "Aggiungerlo al proprio keystore? [no]:  "},
+        {"Trust.this.certificate.no.", "Considerare sicuro questo certificato? [no]:  "},
+        {"YES", "S\u00EC"},
+        {"New.prompt.", "Nuova {0}: "},
+        {"Passwords.must.differ", "Le password non devono coincidere"},
+        {"Re.enter.new.prompt.", "Reimmettere un nuovo valore per {0}: "},
+        {"Re.enter.new.password.", "Immettere nuovamente la nuova password: "},
+        {"They.don.t.match.Try.again", "Non corrispondono. Riprovare."},
+        {"Enter.prompt.alias.name.", "Immettere nome alias {0}:  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
+                 "Immettere un nuovo nome alias\t(premere INVIO per annullare l'importazione della voce):  "},
+        {"Enter.alias.name.", "Immettere nome alias:  "},
+        {".RETURN.if.same.as.for.otherAlias.",
+                "\t(INVIO se corrisponde al nome di <{0}>"},
+        {".PATTERN.printX509Cert",
+                "Proprietario: {0}\nAutorit\u00E0 emittente: {1}\nNumero di serie: {2}\nValido da: {3} a: {4}\nImpronte digitali certificato:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Nome algoritmo firma: {8}\n\t Versione: {9}"},
+        {"What.is.your.first.and.last.name.",
+                "Specificare nome e cognome"},
+        {"What.is.the.name.of.your.organizational.unit.",
+                "Specificare il nome dell'unit\u00E0 organizzativa"},
+        {"What.is.the.name.of.your.organization.",
+                "Specificare il nome dell'organizzazione"},
+        {"What.is.the.name.of.your.City.or.Locality.",
+                "Specificare la localit\u00E0"},
+        {"What.is.the.name.of.your.State.or.Province.",
+                "Specificare la provincia"},
+        {"What.is.the.two.letter.country.code.for.this.unit.",
+                "Specificare il codice a due lettere del paese in cui si trova l'unit\u00E0"},
+        {"Is.name.correct.", "Il dato {0} \u00E8 corretto?"},
+        {"no", "no"},
+        {"yes", "s\u00EC"},
+        {"y", "s"},
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
+                "All''alias <{0}> non \u00E8 associata alcuna chiave"},
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
+                 "L''alias <{0}> fa riferimento a un tipo di voce che non \u00E8 una voce di chiave privata. Il comando -keyclone supporta solo la copia delle voci di chiave private."},
+
+        {".WARNING.WARNING.WARNING.",
+            "*****************  Avvertenza Avvertenza Avvertenza  *****************"},
+        {"Signer.d.", "Firmatario #%d:"},
+        {"Timestamp.", "Indicatore orario:"},
+        {"Signature.", "Firma:"},
+        {"CRLs.", "CRL:"},
+        {"Certificate.owner.", "Proprietario certificato: "},
+        {"Not.a.signed.jar.file", "Non \u00E8 un file jar firmato"},
+        {"No.certificate.from.the.SSL.server",
+                "Nessun certificato dal server SSL"},
+
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
+            "* L'integrit\u00E0 delle informazioni memorizzate nel keystore *\n* NON \u00E8 stata verificata. Per verificarne l'integrit\u00E0 *\n* \u00E8 necessario fornire la password del keystore.                  *"},
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
+            "* L'integrit\u00E0 delle informazioni memorizzate nel srckeystore *\n* NON \u00E8 stata verificata. Per verificarne l'integrit\u00E0 *\n* \u00E8 necessario fornire la password del srckeystore.                  *"},
+
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
+                "La risposta del certificato non contiene la chiave pubblica per <{0}>"},
+        {"Incomplete.certificate.chain.in.reply",
+                "Catena dei certificati incompleta nella risposta"},
+        {"Certificate.chain.in.reply.does.not.verify.",
+                "La catena dei certificati nella risposta non verifica: "},
+        {"Top.level.certificate.in.reply.",
+                "Certificato di primo livello nella risposta:\n"},
+        {".is.not.trusted.", "...non \u00E8 considerato sicuro. "},
+        {"Install.reply.anyway.no.", "Installare la risposta? [no]:  "},
+        {"NO", "No"},
+        {"Public.keys.in.reply.and.keystore.don.t.match",
+                "Le chiavi pubbliche nella risposta e nel keystore non corrispondono"},
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
+                "La risposta del certificato e il certificato nel keystore sono identici"},
+        {"Failed.to.establish.chain.from.reply",
+                "Impossibile stabilire la catena dalla risposta"},
+        {"n", "n"},
+        {"Wrong.answer.try.again", "Risposta errata, riprovare"},
+        {"Secret.key.not.generated.alias.alias.already.exists",
+                "La chiave segreta non \u00E8 stata generata; l''alias <{0}> esiste gi\u00E0"},
+        {"Please.provide.keysize.for.secret.key.generation",
+                "Specificare il valore -keysize per la generazione della chiave segreta"},
+
+        {"Extensions.", "Estensioni: "},
+        {".Empty.value.", "(valore vuoto)"},
+        {"Extension.Request.", "Richiesta di estensione:"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
+                "Richiesta di certificato PKCS #10 (versione 1.0)\nOggetto: %s\nChiave pubblica: %s formato %s chiave\n"},
+        {"Unknown.keyUsage.type.", "Tipo keyUsage sconosciuto: "},
+        {"Unknown.extendedkeyUsage.type.", "Tipo extendedkeyUsage sconosciuto: "},
+        {"Unknown.AccessDescription.type.", "Tipo AccessDescription sconosciuto: "},
+        {"Unrecognized.GeneralName.type.", "Tipo GeneralName non riconosciuto: "},
+        {"This.extension.cannot.be.marked.as.critical.",
+                 "Impossibile contrassegnare questa estensione come critica. "},
+        {"Odd.number.of.hex.digits.found.", "\u00C8 stato trovato un numero dispari di cifre esadecimali: "},
+        {"Unknown.extension.type.", "Tipo di estensione sconosciuto: "},
+        {"command.{0}.is.ambiguous.", "il comando {0} \u00E8 ambiguo:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Resources_ja.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,431 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the keytool.
+ *
+ */
+public class Resources_ja extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"STAR",
+                "*******************************************"},
+        {"STARNN",
+                "*******************************************\n\n"},
+
+        // keytool: Help part
+// "Option" should be translated.
+        {".OPTION.", " [\u30AA\u30D7\u30B7\u30E7\u30F3]..."},
+        {"Options.", "\u30AA\u30D7\u30B7\u30E7\u30F3:"},
+        {"Use.keytool.help.for.all.available.commands",
+                 "\u4F7F\u7528\u53EF\u80FD\u306A\u3059\u3079\u3066\u306E\u30B3\u30DE\u30F3\u30C9\u306B\u3064\u3044\u3066\u306F\"keytool -help\"\u3092\u4F7F\u7528\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {"Key.and.Certificate.Management.Tool",
+                 "\u30AD\u30FC\u304A\u3088\u3073\u8A3C\u660E\u66F8\u7BA1\u7406\u30C4\u30FC\u30EB"},
+        {"Commands.", "\u30B3\u30DE\u30F3\u30C9:"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
+                "command_name\u306E\u4F7F\u7528\u65B9\u6CD5\u306B\u3064\u3044\u3066\u306F\"keytool -command_name -help\"\u3092\u4F7F\u7528\u3057\u3066\u304F\u3060\u3055\u3044"},
+        // keytool: help: commands
+        {"Generates.a.certificate.request",
+                "\u8A3C\u660E\u66F8\u30EA\u30AF\u30A8\u30B9\u30C8\u3092\u751F\u6210\u3057\u307E\u3059"}, //-certreq
+        {"Changes.an.entry.s.alias",
+                "\u30A8\u30F3\u30C8\u30EA\u306E\u5225\u540D\u3092\u5909\u66F4\u3057\u307E\u3059"}, //-changealias
+        {"Deletes.an.entry",
+                "\u30A8\u30F3\u30C8\u30EA\u3092\u524A\u9664\u3057\u307E\u3059"}, //-delete
+        {"Exports.certificate",
+                "\u8A3C\u660E\u66F8\u3092\u30A8\u30AF\u30B9\u30DD\u30FC\u30C8\u3057\u307E\u3059"}, //-exportcert
+        {"Generates.a.key.pair",
+                "\u9375\u30DA\u30A2\u3092\u751F\u6210\u3057\u307E\u3059"}, //-genkeypair
+// translation of "secret" key should be different to "private" key.
+        {"Generates.a.secret.key",
+                "\u79D8\u5BC6\u9375\u3092\u751F\u6210\u3057\u307E\u3059"}, //-genseckey
+        {"Generates.certificate.from.a.certificate.request",
+                "\u8A3C\u660E\u66F8\u30EA\u30AF\u30A8\u30B9\u30C8\u304B\u3089\u8A3C\u660E\u66F8\u3092\u751F\u6210\u3057\u307E\u3059"}, //-gencert
+        {"Generates.CRL", "CRL\u3092\u751F\u6210\u3057\u307E\u3059"}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+                "JDK 1.1.x-style\u30A2\u30A4\u30C7\u30F3\u30C6\u30A3\u30C6\u30A3\u30FB\u30C7\u30FC\u30BF\u30D9\u30FC\u30B9\u304B\u3089\u30A8\u30F3\u30C8\u30EA\u3092\u30A4\u30F3\u30DD\u30FC\u30C8\u3057\u307E\u3059"}, //-identitydb
+        {"Imports.a.certificate.or.a.certificate.chain",
+                "\u8A3C\u660E\u66F8\u307E\u305F\u306F\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u3092\u30A4\u30F3\u30DD\u30FC\u30C8\u3057\u307E\u3059"}, //-importcert
+        {"Imports.one.or.all.entries.from.another.keystore",
+                "\u5225\u306E\u30AD\u30FC\u30B9\u30C8\u30A2\u304B\u30891\u3064\u307E\u305F\u306F\u3059\u3079\u3066\u306E\u30A8\u30F3\u30C8\u30EA\u3092\u30A4\u30F3\u30DD\u30FC\u30C8\u3057\u307E\u3059"}, //-importkeystore
+        {"Clones.a.key.entry",
+                "\u9375\u30A8\u30F3\u30C8\u30EA\u306E\u30AF\u30ED\u30FC\u30F3\u3092\u4F5C\u6210\u3057\u307E\u3059"}, //-keyclone
+        {"Changes.the.key.password.of.an.entry",
+                "\u30A8\u30F3\u30C8\u30EA\u306E\u9375\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5909\u66F4\u3057\u307E\u3059"}, //-keypasswd
+        {"Lists.entries.in.a.keystore",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u5185\u306E\u30A8\u30F3\u30C8\u30EA\u3092\u30EA\u30B9\u30C8\u3057\u307E\u3059"}, //-list
+        {"Prints.the.content.of.a.certificate",
+                "\u8A3C\u660E\u66F8\u306E\u5185\u5BB9\u3092\u51FA\u529B\u3057\u307E\u3059"}, //-printcert
+        {"Prints.the.content.of.a.certificate.request",
+                "\u8A3C\u660E\u66F8\u30EA\u30AF\u30A8\u30B9\u30C8\u306E\u5185\u5BB9\u3092\u51FA\u529B\u3057\u307E\u3059"}, //-printcertreq
+        {"Prints.the.content.of.a.CRL.file",
+                "CRL\u30D5\u30A1\u30A4\u30EB\u306E\u5185\u5BB9\u3092\u51FA\u529B\u3057\u307E\u3059"}, //-printcrl
+        {"Generates.a.self.signed.certificate",
+                "\u81EA\u5DF1\u7F72\u540D\u578B\u8A3C\u660E\u66F8\u3092\u751F\u6210\u3057\u307E\u3059"}, //-selfcert
+        {"Changes.the.store.password.of.a.keystore",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30B9\u30C8\u30A2\u30FB\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5909\u66F4\u3057\u307E\u3059"}, //-storepasswd
+        // keytool: help: options
+        {"alias.name.of.the.entry.to.process",
+                "\u51E6\u7406\u3059\u308B\u30A8\u30F3\u30C8\u30EA\u306E\u5225\u540D"}, //-alias
+        {"destination.alias",
+                "\u51FA\u529B\u5148\u306E\u5225\u540D"}, //-destalias
+        {"destination.key.password",
+                "\u51FA\u529B\u5148\u30AD\u30FC\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-destkeypass
+        {"destination.keystore.name",
+                "\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u540D"}, //-destkeystore
+        {"destination.keystore.password.protected",
+                "\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u4FDD\u8B77\u5BFE\u8C61\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-destprotected
+        {"destination.keystore.provider.name",
+                "\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D7\u30ED\u30D0\u30A4\u30C0\u540D"}, //-destprovidername
+        {"destination.keystore.password",
+                "\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-deststorepass
+        {"destination.keystore.type",
+                "\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30BF\u30A4\u30D7"}, //-deststoretype
+        {"distinguished.name",
+                "\u8B58\u5225\u540D"}, //-dname
+        {"X.509.extension",
+                "X.509\u62E1\u5F35"}, //-ext
+        {"output.file.name",
+                "\u51FA\u529B\u30D5\u30A1\u30A4\u30EB\u540D"}, //-file and -outfile
+        {"input.file.name",
+                "\u5165\u529B\u30D5\u30A1\u30A4\u30EB\u540D"}, //-file and -infile
+        {"key.algorithm.name",
+                "\u9375\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\u540D"}, //-keyalg
+        {"key.password",
+                "\u9375\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-keypass
+        {"key.bit.size",
+                "\u9375\u306E\u30D3\u30C3\u30C8\u30FB\u30B5\u30A4\u30BA"}, //-keysize
+        {"keystore.name",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u540D"}, //-keystore
+        {"new.password",
+                "\u65B0\u898F\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-new
+        {"do.not.prompt",
+                "\u30D7\u30ED\u30F3\u30D7\u30C8\u3092\u8868\u793A\u3057\u306A\u3044"}, //-noprompt
+        {"password.through.protected.mechanism",
+                "\u4FDD\u8B77\u30E1\u30AB\u30CB\u30BA\u30E0\u306B\u3088\u308B\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-protected
+        {"provider.argument",
+                "\u30D7\u30ED\u30D0\u30A4\u30C0\u5F15\u6570"}, //-providerarg
+        {"provider.class.name",
+                "\u30D7\u30ED\u30D0\u30A4\u30C0\u30FB\u30AF\u30E9\u30B9\u540D"}, //-providerclass
+        {"provider.name",
+                "\u30D7\u30ED\u30D0\u30A4\u30C0\u540D"}, //-providername
+        {"provider.classpath",
+                "\u30D7\u30ED\u30D0\u30A4\u30C0\u30FB\u30AF\u30E9\u30B9\u30D1\u30B9"}, //-providerpath
+        {"output.in.RFC.style",
+                "RFC\u30B9\u30BF\u30A4\u30EB\u306E\u51FA\u529B"}, //-rfc
+        {"signature.algorithm.name",
+                "\u7F72\u540D\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\u540D"}, //-sigalg
+        {"source.alias",
+                "\u30BD\u30FC\u30B9\u5225\u540D"}, //-srcalias
+        {"source.key.password",
+                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-srckeypass
+        {"source.keystore.name",
+                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u540D"}, //-srckeystore
+        {"source.keystore.password.protected",
+                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u4FDD\u8B77\u5BFE\u8C61\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-srcprotected
+        {"source.keystore.provider.name",
+                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D7\u30ED\u30D0\u30A4\u30C0\u540D"}, //-srcprovidername
+        {"source.keystore.password",
+                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-srcstorepass
+        {"source.keystore.type",
+                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30BF\u30A4\u30D7"}, //-srcstoretype
+        {"SSL.server.host.and.port",
+                "SSL\u30B5\u30FC\u30D0\u30FC\u306E\u30DB\u30B9\u30C8\u3068\u30DD\u30FC\u30C8"}, //-sslserver
+        {"signed.jar.file",
+                "\u7F72\u540D\u4ED8\u304DJAR\u30D5\u30A1\u30A4\u30EB"}, //=jarfile
+        {"certificate.validity.start.date.time",
+                "\u8A3C\u660E\u66F8\u306E\u6709\u52B9\u958B\u59CB\u65E5\u6642"}, //-startdate
+        {"keystore.password",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-storepass
+        {"keystore.type",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30BF\u30A4\u30D7"}, //-storetype
+        {"trust.certificates.from.cacerts",
+                "cacerts\u304B\u3089\u306E\u8A3C\u660E\u66F8\u3092\u4FE1\u983C\u3059\u308B"}, //-trustcacerts
+        {"verbose.output",
+                "\u8A73\u7D30\u51FA\u529B"}, //-v
+        {"validity.number.of.days",
+                "\u59A5\u5F53\u6027\u65E5\u6570"}, //-validity
+        {"Serial.ID.of.cert.to.revoke",
+                 "\u5931\u52B9\u3059\u308B\u8A3C\u660E\u66F8\u306E\u30B7\u30EA\u30A2\u30EBID"}, //-id
+        // keytool: Running part
+        {"keytool.error.", "keytool\u30A8\u30E9\u30FC: "},
+        {"Illegal.option.", "\u4E0D\u6B63\u306A\u30AA\u30D7\u30B7\u30E7\u30F3:  "},
+        {"Illegal.value.", "\u4E0D\u6B63\u306A\u5024: "},
+        {"Unknown.password.type.", "\u4E0D\u660E\u306A\u30D1\u30B9\u30EF\u30FC\u30C9\u30FB\u30BF\u30A4\u30D7: "},
+        {"Cannot.find.environment.variable.",
+                "\u74B0\u5883\u5909\u6570\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: "},
+        {"Cannot.find.file.", "\u30D5\u30A1\u30A4\u30EB\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: "},
+        {"Command.option.flag.needs.an.argument.", "\u30B3\u30DE\u30F3\u30C9\u30FB\u30AA\u30D7\u30B7\u30E7\u30F3{0}\u306B\u306F\u5F15\u6570\u304C\u5FC5\u8981\u3067\u3059\u3002"},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
+                "\u8B66\u544A: PKCS12\u30AD\u30FC\u30B9\u30C8\u30A2\u3067\u306F\u3001\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3068\u9375\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u304C\u7570\u306A\u308B\u72B6\u6CC1\u306F\u30B5\u30DD\u30FC\u30C8\u3055\u308C\u307E\u305B\u3093\u3002\u30E6\u30FC\u30B6\u30FC\u304C\u6307\u5B9A\u3057\u305F{0}\u306E\u5024\u306F\u7121\u8996\u3057\u307E\u3059\u3002"},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "-storetype\u304C{0}\u306E\u5834\u5408\u3001-keystore\u306FNONE\u3067\u3042\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
+        {"Too.many.retries.program.terminated",
+                 "\u518D\u8A66\u884C\u304C\u591A\u3059\u304E\u307E\u3059\u3002\u30D7\u30ED\u30B0\u30E9\u30E0\u304C\u7D42\u4E86\u3057\u307E\u3057\u305F"},
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
+                "-storetype\u304C{0}\u306E\u5834\u5408\u3001-storepasswd\u30B3\u30DE\u30F3\u30C9\u304A\u3088\u3073-keypasswd\u30B3\u30DE\u30F3\u30C9\u306F\u30B5\u30DD\u30FC\u30C8\u3055\u308C\u307E\u305B\u3093"},
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
+                "-storetype\u304CPKCS12\u306E\u5834\u5408\u3001-keypasswd\u30B3\u30DE\u30F3\u30C9\u306F\u30B5\u30DD\u30FC\u30C8\u3055\u308C\u307E\u305B\u3093"},
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
+                "-storetype\u304C{0}\u306E\u5834\u5408\u3001-keypass\u3068-new\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
+                "-protected\u304C\u6307\u5B9A\u3055\u308C\u3066\u3044\u308B\u5834\u5408\u3001-storepass\u3001-keypass\u304A\u3088\u3073-new\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "-srcprotected\u304C\u6307\u5B9A\u3055\u308C\u3066\u3044\u308B\u5834\u5408\u3001-srcstorepass\u304A\u3088\u3073-srckeypass\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u304C\u30D1\u30B9\u30EF\u30FC\u30C9\u3067\u4FDD\u8B77\u3055\u308C\u3066\u3044\u306A\u3044\u5834\u5408\u3001-storepass\u3001-keypass\u304A\u3088\u3073-new\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u304C\u30D1\u30B9\u30EF\u30FC\u30C9\u3067\u4FDD\u8B77\u3055\u308C\u3066\u3044\u306A\u3044\u5834\u5408\u3001-srcstorepass\u304A\u3088\u3073-srckeypass\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
+        {"Illegal.startdate.value", "startdate\u5024\u304C\u7121\u52B9\u3067\u3059"},
+        {"Validity.must.be.greater.than.zero",
+                "\u59A5\u5F53\u6027\u306F\u30BC\u30ED\u3088\u308A\u5927\u304D\u3044\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
+        {"provName.not.a.provider", "{0}\u306F\u30D7\u30ED\u30D0\u30A4\u30C0\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
+        {"Usage.error.no.command.provided", "\u4F7F\u7528\u30A8\u30E9\u30FC: \u30B3\u30DE\u30F3\u30C9\u304C\u6307\u5B9A\u3055\u308C\u3066\u3044\u307E\u305B\u3093"},
+        {"Source.keystore.file.exists.but.is.empty.", "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D5\u30A1\u30A4\u30EB\u306F\u3001\u5B58\u5728\u3057\u307E\u3059\u304C\u7A7A\u3067\u3059: "},
+        {"Please.specify.srckeystore", "-srckeystore\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
+                "'list'\u30B3\u30DE\u30F3\u30C9\u306B-v\u3068-rfc\u306E\u4E21\u65B9\u3092\u6307\u5B9A\u3059\u308B\u3053\u3068\u306F\u3067\u304D\u307E\u305B\u3093"},
+        {"Key.password.must.be.at.least.6.characters",
+                "\u9375\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u306F6\u6587\u5B57\u4EE5\u4E0A\u3067\u3042\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
+        {"New.password.must.be.at.least.6.characters",
+                "\u65B0\u898F\u30D1\u30B9\u30EF\u30FC\u30C9\u306F6\u6587\u5B57\u4EE5\u4E0A\u3067\u3042\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
+        {"Keystore.file.exists.but.is.empty.",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D5\u30A1\u30A4\u30EB\u306F\u5B58\u5728\u3057\u307E\u3059\u304C\u3001\u7A7A\u3067\u3059: "},
+        {"Keystore.file.does.not.exist.",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D5\u30A1\u30A4\u30EB\u306F\u5B58\u5728\u3057\u307E\u305B\u3093: "},
+        {"Must.specify.destination.alias", "\u51FA\u529B\u5148\u306E\u5225\u540D\u3092\u6307\u5B9A\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
+        {"Must.specify.alias", "\u5225\u540D\u3092\u6307\u5B9A\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
+        {"Keystore.password.must.be.at.least.6.characters",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u306F6\u6587\u5B57\u4EE5\u4E0A\u3067\u3042\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
+        {"Enter.keystore.password.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044:  "},
+        {"Enter.source.keystore.password.", "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044:  "},
+        {"Enter.destination.keystore.password.", "\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044:  "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
+         "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u304C\u77ED\u3059\u304E\u307E\u3059 - 6\u6587\u5B57\u4EE5\u4E0A\u306B\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {"Unknown.Entry.Type", "\u4E0D\u660E\u306A\u30A8\u30F3\u30C8\u30EA\u30FB\u30BF\u30A4\u30D7"},
+        {"Too.many.failures.Alias.not.changed", "\u969C\u5BB3\u304C\u591A\u3059\u304E\u307E\u3059\u3002\u5225\u540D\u306F\u5909\u66F4\u3055\u308C\u307E\u305B\u3093"},
+        {"Entry.for.alias.alias.successfully.imported.",
+                 "\u5225\u540D{0}\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u30A4\u30F3\u30DD\u30FC\u30C8\u306B\u6210\u529F\u3057\u307E\u3057\u305F\u3002"},
+        {"Entry.for.alias.alias.not.imported.", "\u5225\u540D{0}\u306E\u30A8\u30F3\u30C8\u30EA\u306F\u30A4\u30F3\u30DD\u30FC\u30C8\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F\u3002"},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
+                 "\u5225\u540D{0}\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u30A4\u30F3\u30DD\u30FC\u30C8\u4E2D\u306B\u554F\u984C\u304C\u767A\u751F\u3057\u307E\u3057\u305F: {1}\u3002\n\u5225\u540D{0}\u306E\u30A8\u30F3\u30C8\u30EA\u306F\u30A4\u30F3\u30DD\u30FC\u30C8\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F\u3002"},
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
+                 "\u30A4\u30F3\u30DD\u30FC\u30C8\u30FB\u30B3\u30DE\u30F3\u30C9\u304C\u5B8C\u4E86\u3057\u307E\u3057\u305F: {0}\u4EF6\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u30A4\u30F3\u30DD\u30FC\u30C8\u304C\u6210\u529F\u3057\u307E\u3057\u305F\u3002{1}\u4EF6\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u30A4\u30F3\u30DD\u30FC\u30C8\u304C\u5931\u6557\u3057\u305F\u304B\u53D6\u308A\u6D88\u3055\u308C\u307E\u3057\u305F"},
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
+                 "\u8B66\u544A: \u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u5185\u306E\u65E2\u5B58\u306E\u5225\u540D{0}\u3092\u4E0A\u66F8\u304D\u3057\u3066\u3044\u307E\u3059"},
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
+                 "\u65E2\u5B58\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u5225\u540D{0}\u304C\u5B58\u5728\u3057\u3066\u3044\u307E\u3059\u3002\u4E0A\u66F8\u304D\u3057\u307E\u3059\u304B\u3002[\u3044\u3044\u3048]:  "},
+        {"Too.many.failures.try.later", "\u969C\u5BB3\u304C\u591A\u3059\u304E\u307E\u3059 - \u5F8C\u3067\u5B9F\u884C\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {"Certification.request.stored.in.file.filename.",
+                "\u8A3C\u660E\u66F8\u30EA\u30AF\u30A8\u30B9\u30C8\u304C\u30D5\u30A1\u30A4\u30EB<{0}>\u306B\u4FDD\u5B58\u3055\u308C\u307E\u3057\u305F"},
+        {"Submit.this.to.your.CA", "\u3053\u308C\u3092CA\u306B\u63D0\u51FA\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
+            "\u5225\u540D\u3092\u6307\u5B9A\u3057\u306A\u3044\u5834\u5408\u3001\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u5225\u540D\u3001\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u304A\u3088\u3073\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
+        {"Certificate.stored.in.file.filename.",
+                "\u8A3C\u660E\u66F8\u304C\u30D5\u30A1\u30A4\u30EB<{0}>\u306B\u4FDD\u5B58\u3055\u308C\u307E\u3057\u305F"},
+        {"Certificate.reply.was.installed.in.keystore",
+                "\u8A3C\u660E\u66F8\u5FDC\u7B54\u304C\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u30A4\u30F3\u30B9\u30C8\u30FC\u30EB\u3055\u308C\u307E\u3057\u305F"},
+        {"Certificate.reply.was.not.installed.in.keystore",
+                "\u8A3C\u660E\u66F8\u5FDC\u7B54\u304C\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u30A4\u30F3\u30B9\u30C8\u30FC\u30EB\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F"},
+        {"Certificate.was.added.to.keystore",
+                "\u8A3C\u660E\u66F8\u304C\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u8FFD\u52A0\u3055\u308C\u307E\u3057\u305F"},
+        {"Certificate.was.not.added.to.keystore",
+                "\u8A3C\u660E\u66F8\u304C\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u8FFD\u52A0\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F"},
+        {".Storing.ksfname.", "[{0}\u3092\u683C\u7D0D\u4E2D]"},
+        {"alias.has.no.public.key.certificate.",
+                "{0}\u306B\u306F\u516C\u958B\u9375(\u8A3C\u660E\u66F8)\u304C\u3042\u308A\u307E\u305B\u3093"},
+        {"Cannot.derive.signature.algorithm",
+                "\u7F72\u540D\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\u3092\u53D6\u5F97\u3067\u304D\u307E\u305B\u3093"},
+        {"Alias.alias.does.not.exist",
+                "\u5225\u540D<{0}>\u306F\u5B58\u5728\u3057\u307E\u305B\u3093"},
+        {"Alias.alias.has.no.certificate",
+                "\u5225\u540D<{0}>\u306B\u306F\u8A3C\u660E\u66F8\u304C\u3042\u308A\u307E\u305B\u3093"},
+        {"Key.pair.not.generated.alias.alias.already.exists",
+                "\u9375\u30DA\u30A2\u306F\u751F\u6210\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F\u3002\u5225\u540D<{0}>\u306F\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
+                "{3}\u65E5\u9593\u6709\u52B9\u306A{0}\u30D3\u30C3\u30C8\u306E{1}\u306E\u9375\u30DA\u30A2\u3068\u81EA\u5DF1\u7F72\u540D\u578B\u8A3C\u660E\u66F8({2})\u3092\u751F\u6210\u3057\u3066\u3044\u307E\u3059\n\t\u30C7\u30A3\u30EC\u30AF\u30C8\u30EA\u540D: {4}"},
+        {"Enter.key.password.for.alias.", "<{0}>\u306E\u9375\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {".RETURN.if.same.as.keystore.password.",
+                "\t(\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3068\u540C\u3058\u5834\u5408\u306FRETURN\u3092\u62BC\u3057\u3066\u304F\u3060\u3055\u3044):  "},
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
+                "\u9375\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u304C\u77ED\u3059\u304E\u307E\u3059 - 6\u6587\u5B57\u4EE5\u4E0A\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {"Too.many.failures.key.not.added.to.keystore",
+                "\u969C\u5BB3\u304C\u591A\u3059\u304E\u307E\u3059 - \u9375\u306F\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u8FFD\u52A0\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F"},
+        {"Destination.alias.dest.already.exists",
+                "\u51FA\u529B\u5148\u306E\u5225\u540D<{0}>\u306F\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
+        {"Password.is.too.short.must.be.at.least.6.characters",
+                "\u30D1\u30B9\u30EF\u30FC\u30C9\u304C\u77ED\u3059\u304E\u307E\u3059 - 6\u6587\u5B57\u4EE5\u4E0A\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {"Too.many.failures.Key.entry.not.cloned",
+                "\u969C\u5BB3\u304C\u591A\u3059\u304E\u307E\u3059\u3002\u9375\u30A8\u30F3\u30C8\u30EA\u306E\u30AF\u30ED\u30FC\u30F3\u306F\u4F5C\u6210\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F"},
+        {"key.password.for.alias.", "<{0}>\u306E\u9375\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"},
+        {"Keystore.entry.for.id.getName.already.exists",
+                "<{0}>\u306E\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30A8\u30F3\u30C8\u30EA\u306F\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
+        {"Creating.keystore.entry.for.id.getName.",
+                "<{0}>\u306E\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30A8\u30F3\u30C8\u30EA\u3092\u4F5C\u6210\u4E2D..."},
+        {"No.entries.from.identity.database.added",
+                "\u30A2\u30A4\u30C7\u30F3\u30C6\u30A3\u30C6\u30A3\u30FB\u30C7\u30FC\u30BF\u30D9\u30FC\u30B9\u304B\u3089\u8FFD\u52A0\u3055\u308C\u305F\u30A8\u30F3\u30C8\u30EA\u306F\u3042\u308A\u307E\u305B\u3093"},
+        {"Alias.name.alias", "\u5225\u540D: {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
+                "\u4F5C\u6210\u65E5: {0,date}"},
+        {"alias.keyStore.getCreationDate.alias.",
+                "{0},{1,date}, "},
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "\u30A8\u30F3\u30C8\u30EA\u30FB\u30BF\u30A4\u30D7: {0}"},
+        {"Certificate.chain.length.", "\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u306E\u9577\u3055: "},
+        {"Certificate.i.1.", "\u8A3C\u660E\u66F8[{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "\u8A3C\u660E\u66F8\u306E\u30D5\u30A3\u30F3\u30AC\u30D7\u30EA\u30F3\u30C8(SHA1): "},
+        {"Keystore.type.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30BF\u30A4\u30D7: "},
+        {"Keystore.provider.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D7\u30ED\u30D0\u30A4\u30C0: "},
+        {"Your.keystore.contains.keyStore.size.entry",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u306F{0,number,integer}\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u307E\u3059"},
+        {"Your.keystore.contains.keyStore.size.entries",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u306F{0,number,integer}\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u307E\u3059"},
+        {"Failed.to.parse.input", "\u5165\u529B\u306E\u69CB\u6587\u89E3\u6790\u306B\u5931\u6557\u3057\u307E\u3057\u305F"},
+        {"Empty.input", "\u5165\u529B\u304C\u3042\u308A\u307E\u305B\u3093"},
+        {"Not.X.509.certificate", "X.509\u8A3C\u660E\u66F8\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
+        {"alias.has.no.public.key", "{0}\u306B\u306F\u516C\u958B\u9375\u304C\u3042\u308A\u307E\u305B\u3093"},
+        {"alias.has.no.X.509.certificate", "{0}\u306B\u306FX.509\u8A3C\u660E\u66F8\u304C\u3042\u308A\u307E\u305B\u3093"},
+        {"New.certificate.self.signed.", "\u65B0\u3057\u3044\u8A3C\u660E\u66F8(\u81EA\u5DF1\u7F72\u540D\u578B):"},
+        {"Reply.has.no.certificates", "\u5FDC\u7B54\u306B\u306F\u8A3C\u660E\u66F8\u304C\u3042\u308A\u307E\u305B\u3093"},
+        {"Certificate.not.imported.alias.alias.already.exists",
+                "\u8A3C\u660E\u66F8\u306F\u30A4\u30F3\u30DD\u30FC\u30C8\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F\u3002\u5225\u540D<{0}>\u306F\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
+        {"Input.not.an.X.509.certificate", "\u5165\u529B\u306FX.509\u8A3C\u660E\u66F8\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
+                "\u8A3C\u660E\u66F8\u306F\u3001\u5225\u540D<{0}>\u306E\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
+        {"Do.you.still.want.to.add.it.no.",
+                "\u8FFD\u52A0\u3057\u307E\u3059\u304B\u3002[\u3044\u3044\u3048]:  "},
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
+                "\u8A3C\u660E\u66F8\u306F\u3001\u5225\u540D<{0}>\u306E\u30B7\u30B9\u30C6\u30E0\u898F\u6A21\u306ECA\u30AD\u30FC\u30B9\u30C8\u30A2\u5185\u306B\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u8FFD\u52A0\u3057\u307E\u3059\u304B\u3002 [\u3044\u3044\u3048]:  "},
+        {"Trust.this.certificate.no.", "\u3053\u306E\u8A3C\u660E\u66F8\u3092\u4FE1\u983C\u3057\u307E\u3059\u304B\u3002 [\u3044\u3044\u3048]:  "},
+        {"YES", "\u306F\u3044"},
+        {"New.prompt.", "\u65B0\u898F{0}: "},
+        {"Passwords.must.differ", "\u30D1\u30B9\u30EF\u30FC\u30C9\u306F\u7570\u306A\u3063\u3066\u3044\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
+        {"Re.enter.new.prompt.", "\u65B0\u898F{0}\u3092\u518D\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044: "},
+        {"Re.enter.new.password.", "\u65B0\u898F\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u518D\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044: "},
+        {"They.don.t.match.Try.again", "\u4E00\u81F4\u3057\u307E\u305B\u3093\u3002\u3082\u3046\u4E00\u5EA6\u5B9F\u884C\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {"Enter.prompt.alias.name.", "{0}\u306E\u5225\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044:  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
+                 "\u65B0\u3057\u3044\u5225\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\t(\u3053\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u30A4\u30F3\u30DD\u30FC\u30C8\u3092\u53D6\u308A\u6D88\u3059\u5834\u5408\u306FRETURN\u3092\u62BC\u3057\u3066\u304F\u3060\u3055\u3044):  "},
+        {"Enter.alias.name.", "\u5225\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044:  "},
+        {".RETURN.if.same.as.for.otherAlias.",
+                "\t(<{0}>\u3068\u540C\u3058\u5834\u5408\u306FRETURN\u3092\u62BC\u3057\u3066\u304F\u3060\u3055\u3044)"},
+        {".PATTERN.printX509Cert",
+                "\u6240\u6709\u8005: {0}\n\u767A\u884C\u8005: {1}\n\u30B7\u30EA\u30A2\u30EB\u756A\u53F7: {2}\n\u6709\u52B9\u671F\u9593\u306E\u958B\u59CB\u65E5: {3}\u7D42\u4E86\u65E5: {4}\n\u8A3C\u660E\u66F8\u306E\u30D5\u30A3\u30F3\u30AC\u30D7\u30EA\u30F3\u30C8:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t \u7F72\u540D\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\u540D: {8}\n\t \u30D0\u30FC\u30B8\u30E7\u30F3: {9}"},
+        {"What.is.your.first.and.last.name.",
+                "\u59D3\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
+        {"What.is.the.name.of.your.organizational.unit.",
+                "\u7D44\u7E54\u5358\u4F4D\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
+        {"What.is.the.name.of.your.organization.",
+                "\u7D44\u7E54\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
+        {"What.is.the.name.of.your.City.or.Locality.",
+                "\u90FD\u5E02\u540D\u307E\u305F\u306F\u5730\u57DF\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
+        {"What.is.the.name.of.your.State.or.Province.",
+                "\u90FD\u9053\u5E9C\u770C\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
+        {"What.is.the.two.letter.country.code.for.this.unit.",
+                "\u3053\u306E\u5358\u4F4D\u306B\u8A72\u5F53\u3059\u308B2\u6587\u5B57\u306E\u56FD\u30B3\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
+        {"Is.name.correct.", "{0}\u3067\u3088\u308D\u3057\u3044\u3067\u3059\u304B\u3002"},
+        {"no", "\u3044\u3044\u3048"},
+        {"yes", "\u306F\u3044"},
+        {"y", "y"},
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
+                "\u5225\u540D<{0}>\u306B\u306F\u9375\u304C\u3042\u308A\u307E\u305B\u3093"},
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
+                 "\u5225\u540D<{0}>\u304C\u53C2\u7167\u3057\u3066\u3044\u308B\u30A8\u30F3\u30C8\u30EA\u30FB\u30BF\u30A4\u30D7\u306F\u79D8\u5BC6\u9375\u30A8\u30F3\u30C8\u30EA\u3067\u306F\u3042\u308A\u307E\u305B\u3093\u3002-keyclone\u30B3\u30DE\u30F3\u30C9\u306F\u79D8\u5BC6\u9375\u30A8\u30F3\u30C8\u30EA\u306E\u30AF\u30ED\u30FC\u30F3\u4F5C\u6210\u306E\u307F\u3092\u30B5\u30DD\u30FC\u30C8\u3057\u307E\u3059"},
+
+        {".WARNING.WARNING.WARNING.",
+            "*****************\u8B66\u544A \u8B66\u544A \u8B66\u544A*****************"},
+        {"Signer.d.", "\u7F72\u540D\u8005\u756A\u53F7%d:"},
+        {"Timestamp.", "\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7:"},
+        {"Signature.", "\u7F72\u540D:"},
+        {"CRLs.", "CRL:"},
+        {"Certificate.owner.", "\u8A3C\u660E\u66F8\u306E\u6240\u6709\u8005: "},
+        {"Not.a.signed.jar.file", "\u7F72\u540D\u4ED8\u304DJAR\u30D5\u30A1\u30A4\u30EB\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
+        {"No.certificate.from.the.SSL.server",
+                "SSL\u30B5\u30FC\u30D0\u30FC\u304B\u3089\u306E\u8A3C\u660E\u66F8\u304C\u3042\u308A\u307E\u305B\u3093"},
+
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
+            "*\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u4FDD\u5B58\u3055\u308C\u305F\u60C5\u5831\u306E\u6574\u5408\u6027\u306F*\n*\u691C\u8A3C\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002\u6574\u5408\u6027\u3092\u691C\u8A3C\u3059\u308B\u306B\u306F*\n*\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059\u3002*"},
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
+            "*\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u4FDD\u5B58\u3055\u308C\u305F\u60C5\u5831\u306E\u6574\u5408\u6027\u306F*\n*\u691C\u8A3C\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002\u6574\u5408\u6027\u3092\u691C\u8A3C\u3059\u308B\u306B\u306F*\n*\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059\u3002*"},
+
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
+                "\u8A3C\u660E\u66F8\u5FDC\u7B54\u306B\u306F\u3001<{0}>\u306E\u516C\u958B\u9375\u306F\u542B\u307E\u308C\u307E\u305B\u3093"},
+        {"Incomplete.certificate.chain.in.reply",
+                "\u5FDC\u7B54\u3057\u305F\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u306F\u4E0D\u5B8C\u5168\u3067\u3059"},
+        {"Certificate.chain.in.reply.does.not.verify.",
+                "\u5FDC\u7B54\u3057\u305F\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u306F\u691C\u8A3C\u3055\u308C\u3066\u3044\u307E\u305B\u3093: "},
+        {"Top.level.certificate.in.reply.",
+                "\u5FDC\u7B54\u3057\u305F\u30C8\u30C3\u30D7\u30EC\u30D9\u30EB\u306E\u8A3C\u660E\u66F8:\n"},
+        {".is.not.trusted.", "... \u306F\u4FE1\u983C\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002 "},
+        {"Install.reply.anyway.no.", "\u5FDC\u7B54\u3092\u30A4\u30F3\u30B9\u30C8\u30FC\u30EB\u3057\u307E\u3059\u304B\u3002[\u3044\u3044\u3048]:  "},
+        {"NO", "\u3044\u3044\u3048"},
+        {"Public.keys.in.reply.and.keystore.don.t.match",
+                "\u5FDC\u7B54\u3057\u305F\u516C\u958B\u9375\u3068\u30AD\u30FC\u30B9\u30C8\u30A2\u304C\u4E00\u81F4\u3057\u307E\u305B\u3093"},
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
+                "\u8A3C\u660E\u66F8\u5FDC\u7B54\u3068\u30AD\u30FC\u30B9\u30C8\u30A2\u5185\u306E\u8A3C\u660E\u66F8\u304C\u540C\u3058\u3067\u3059"},
+        {"Failed.to.establish.chain.from.reply",
+                "\u5FDC\u7B54\u304B\u3089\u9023\u9396\u3092\u78BA\u7ACB\u3067\u304D\u307E\u305B\u3093\u3067\u3057\u305F"},
+        {"n", "n"},
+        {"Wrong.answer.try.again", "\u5FDC\u7B54\u304C\u9593\u9055\u3063\u3066\u3044\u307E\u3059\u3002\u3082\u3046\u4E00\u5EA6\u5B9F\u884C\u3057\u3066\u304F\u3060\u3055\u3044"},
+        {"Secret.key.not.generated.alias.alias.already.exists",
+                "\u79D8\u5BC6\u9375\u306F\u751F\u6210\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F\u3002\u5225\u540D<{0}>\u306F\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
+        {"Please.provide.keysize.for.secret.key.generation",
+                "\u79D8\u5BC6\u9375\u306E\u751F\u6210\u6642\u306B\u306F -keysize\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044"},
+
+        {"Extensions.", "\u62E1\u5F35: "},
+        {".Empty.value.", "(\u7A7A\u306E\u5024)"},
+        {"Extension.Request.", "\u62E1\u5F35\u30EA\u30AF\u30A8\u30B9\u30C8:"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
+                "PKCS #10\u8A3C\u660E\u66F8\u30EA\u30AF\u30A8\u30B9\u30C8(\u30D0\u30FC\u30B8\u30E7\u30F31.0)\n\u30B5\u30D6\u30B8\u30A7\u30AF\u30C8: %s\n\u516C\u958B\u9375: %s \u30D5\u30A9\u30FC\u30DE\u30C3\u30C8 %s \u30AD\u30FC\n"},
+        {"Unknown.keyUsage.type.", "\u4E0D\u660E\u306AkeyUsage\u30BF\u30A4\u30D7: "},
+        {"Unknown.extendedkeyUsage.type.", "\u4E0D\u660E\u306AextendedkeyUsage\u30BF\u30A4\u30D7: "},
+        {"Unknown.AccessDescription.type.", "\u4E0D\u660E\u306AAccessDescription\u30BF\u30A4\u30D7: "},
+        {"Unrecognized.GeneralName.type.", "\u8A8D\u8B58\u3055\u308C\u306A\u3044GeneralName\u30BF\u30A4\u30D7: "},
+        {"This.extension.cannot.be.marked.as.critical.",
+                 "\u3053\u306E\u62E1\u5F35\u306F\u30AF\u30EA\u30C6\u30A3\u30AB\u30EB\u3068\u3057\u3066\u30DE\u30FC\u30AF\u4ED8\u3051\u3067\u304D\u307E\u305B\u3093\u3002 "},
+        {"Odd.number.of.hex.digits.found.", "\u5947\u6570\u306E16\u9032\u6570\u304C\u898B\u3064\u304B\u308A\u307E\u3057\u305F: "},
+        {"Unknown.extension.type.", "\u4E0D\u660E\u306A\u62E1\u5F35\u30BF\u30A4\u30D7: "},
+        {"command.{0}.is.ambiguous.", "\u30B3\u30DE\u30F3\u30C9{0}\u306F\u3042\u3044\u307E\u3044\u3067\u3059:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Resources_ko.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,431 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the keytool.
+ *
+ */
+public class Resources_ko extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"STAR",
+                "*******************************************"},
+        {"STARNN",
+                "*******************************************\n\n"},
+
+        // keytool: Help part
+// "Option" should be translated.
+        {".OPTION.", " [\uC635\uC158]..."},
+        {"Options.", "\uC635\uC158:"},
+        {"Use.keytool.help.for.all.available.commands",
+                 "\uC0AC\uC6A9 \uAC00\uB2A5\uD55C \uBAA8\uB4E0 \uBA85\uB839\uC5D0 \"keytool -help\" \uC0AC\uC6A9"},
+        {"Key.and.Certificate.Management.Tool",
+                 "\uD0A4 \uBC0F \uC778\uC99D\uC11C \uAD00\uB9AC \uD234"},
+        {"Commands.", "\uBA85\uB839:"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
+                "command_name \uC0AC\uC6A9\uBC95\uC5D0 \"keytool -command_name -help\" \uC0AC\uC6A9"},
+        // keytool: help: commands
+        {"Generates.a.certificate.request",
+                "\uC778\uC99D\uC11C \uC694\uCCAD\uC744 \uC0DD\uC131\uD569\uB2C8\uB2E4."}, //-certreq
+        {"Changes.an.entry.s.alias",
+                "\uD56D\uBAA9\uC758 \uBCC4\uCE6D\uC744 \uBCC0\uACBD\uD569\uB2C8\uB2E4."}, //-changealias
+        {"Deletes.an.entry",
+                "\uD56D\uBAA9\uC744 \uC0AD\uC81C\uD569\uB2C8\uB2E4."}, //-delete
+        {"Exports.certificate",
+                "\uC778\uC99D\uC11C\uB97C \uC775\uC2A4\uD3EC\uD2B8\uD569\uB2C8\uB2E4."}, //-exportcert
+        {"Generates.a.key.pair",
+                "\uD0A4 \uC30D\uC744 \uC0DD\uC131\uD569\uB2C8\uB2E4."}, //-genkeypair
+// translation of "secret" key should be different to "private" key.
+        {"Generates.a.secret.key",
+                "\uBCF4\uC548 \uD0A4\uB97C \uC0DD\uC131\uD569\uB2C8\uB2E4."}, //-genseckey
+        {"Generates.certificate.from.a.certificate.request",
+                "\uC778\uC99D\uC11C \uC694\uCCAD\uC5D0\uC11C \uC778\uC99D\uC11C\uB97C \uC0DD\uC131\uD569\uB2C8\uB2E4."}, //-gencert
+        {"Generates.CRL", "CRL\uC744 \uC0DD\uC131\uD569\uB2C8\uB2E4."}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+                "JDK 1.1.x \uC2A4\uD0C0\uC77C ID \uB370\uC774\uD130\uBCA0\uC774\uC2A4\uC5D0\uC11C \uD56D\uBAA9\uC744 \uC784\uD3EC\uD2B8\uD569\uB2C8\uB2E4."}, //-identitydb
+        {"Imports.a.certificate.or.a.certificate.chain",
+                "\uC778\uC99D\uC11C \uB610\uB294 \uC778\uC99D\uC11C \uCCB4\uC778\uC744 \uC784\uD3EC\uD2B8\uD569\uB2C8\uB2E4."}, //-importcert
+        {"Imports.one.or.all.entries.from.another.keystore",
+                "\uB2E4\uB978 \uD0A4 \uC800\uC7A5\uC18C\uC5D0\uC11C \uD558\uB098 \uB610\uB294 \uBAA8\uB4E0 \uD56D\uBAA9\uC744 \uC784\uD3EC\uD2B8\uD569\uB2C8\uB2E4."}, //-importkeystore
+        {"Clones.a.key.entry",
+                "\uD0A4 \uD56D\uBAA9\uC744 \uBCF5\uC81C\uD569\uB2C8\uB2E4."}, //-keyclone
+        {"Changes.the.key.password.of.an.entry",
+                "\uD56D\uBAA9\uC758 \uD0A4 \uBE44\uBC00\uBC88\uD638\uB97C \uBCC0\uACBD\uD569\uB2C8\uB2E4."}, //-keypasswd
+        {"Lists.entries.in.a.keystore",
+                "\uD0A4 \uC800\uC7A5\uC18C\uC758 \uD56D\uBAA9\uC744 \uB098\uC5F4\uD569\uB2C8\uB2E4."}, //-list
+        {"Prints.the.content.of.a.certificate",
+                "\uC778\uC99D\uC11C\uC758 \uCF58\uD150\uCE20\uB97C \uC778\uC1C4\uD569\uB2C8\uB2E4."}, //-printcert
+        {"Prints.the.content.of.a.certificate.request",
+                "\uC778\uC99D\uC11C \uC694\uCCAD\uC758 \uCF58\uD150\uCE20\uB97C \uC778\uC1C4\uD569\uB2C8\uB2E4."}, //-printcertreq
+        {"Prints.the.content.of.a.CRL.file",
+                "CRL \uD30C\uC77C\uC758 \uCF58\uD150\uCE20\uB97C \uC778\uC1C4\uD569\uB2C8\uB2E4."}, //-printcrl
+        {"Generates.a.self.signed.certificate",
+                "\uC790\uCCB4 \uC11C\uBA85\uB41C \uC778\uC99D\uC11C\uB97C \uC0DD\uC131\uD569\uB2C8\uB2E4."}, //-selfcert
+        {"Changes.the.store.password.of.a.keystore",
+                "\uD0A4 \uC800\uC7A5\uC18C\uC758 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uB97C \uBCC0\uACBD\uD569\uB2C8\uB2E4."}, //-storepasswd
+        // keytool: help: options
+        {"alias.name.of.the.entry.to.process",
+                "\uCC98\uB9AC\uD560 \uD56D\uBAA9\uC758 \uBCC4\uCE6D \uC774\uB984"}, //-alias
+        {"destination.alias",
+                "\uB300\uC0C1 \uBCC4\uCE6D"}, //-destalias
+        {"destination.key.password",
+                "\uB300\uC0C1 \uD0A4 \uBE44\uBC00\uBC88\uD638"}, //-destkeypass
+        {"destination.keystore.name",
+                "\uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C \uC774\uB984"}, //-destkeystore
+        {"destination.keystore.password.protected",
+                "\uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uB85C \uBCF4\uD638\uB428"}, //-destprotected
+        {"destination.keystore.provider.name",
+                "\uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C \uC81C\uACF5\uC790 \uC774\uB984"}, //-destprovidername
+        {"destination.keystore.password",
+                "\uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638"}, //-deststorepass
+        {"destination.keystore.type",
+                "\uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C \uC720\uD615"}, //-deststoretype
+        {"distinguished.name",
+                "\uC2DD\uBCC4 \uC774\uB984"}, //-dname
+        {"X.509.extension",
+                "X.509 \uD655\uC7A5"}, //-ext
+        {"output.file.name",
+                "\uCD9C\uB825 \uD30C\uC77C \uC774\uB984"}, //-file and -outfile
+        {"input.file.name",
+                "\uC785\uB825 \uD30C\uC77C \uC774\uB984"}, //-file and -infile
+        {"key.algorithm.name",
+                "\uD0A4 \uC54C\uACE0\uB9AC\uC998 \uC774\uB984"}, //-keyalg
+        {"key.password",
+                "\uD0A4 \uBE44\uBC00\uBC88\uD638"}, //-keypass
+        {"key.bit.size",
+                "\uD0A4 \uBE44\uD2B8 \uD06C\uAE30"}, //-keysize
+        {"keystore.name",
+                "\uD0A4 \uC800\uC7A5\uC18C \uC774\uB984"}, //-keystore
+        {"new.password",
+                "\uC0C8 \uBE44\uBC00\uBC88\uD638"}, //-new
+        {"do.not.prompt",
+                "\uD655\uC778\uD558\uC9C0 \uC54A\uC74C"}, //-noprompt
+        {"password.through.protected.mechanism",
+                "\uBCF4\uD638\uB418\uB294 \uBA54\uCEE4\uB2C8\uC998\uC744 \uD1B5\uD55C \uBE44\uBC00\uBC88\uD638"}, //-protected
+        {"provider.argument",
+                "\uC81C\uACF5\uC790 \uC778\uC218"}, //-providerarg
+        {"provider.class.name",
+                "\uC81C\uACF5\uC790 \uD074\uB798\uC2A4 \uC774\uB984"}, //-providerclass
+        {"provider.name",
+                "\uC81C\uACF5\uC790 \uC774\uB984"}, //-providername
+        {"provider.classpath",
+                "\uC81C\uACF5\uC790 \uD074\uB798\uC2A4 \uACBD\uB85C"}, //-providerpath
+        {"output.in.RFC.style",
+                "RFC \uC2A4\uD0C0\uC77C\uC758 \uCD9C\uB825"}, //-rfc
+        {"signature.algorithm.name",
+                "\uC11C\uBA85 \uC54C\uACE0\uB9AC\uC998 \uC774\uB984"}, //-sigalg
+        {"source.alias",
+                "\uC18C\uC2A4 \uBCC4\uCE6D"}, //-srcalias
+        {"source.key.password",
+                "\uC18C\uC2A4 \uD0A4 \uBE44\uBC00\uBC88\uD638"}, //-srckeypass
+        {"source.keystore.name",
+                "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uC774\uB984"}, //-srckeystore
+        {"source.keystore.password.protected",
+                "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uB85C \uBCF4\uD638\uB428"}, //-srcprotected
+        {"source.keystore.provider.name",
+                "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uC81C\uACF5\uC790 \uC774\uB984"}, //-srcprovidername
+        {"source.keystore.password",
+                "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638"}, //-srcstorepass
+        {"source.keystore.type",
+                "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uC720\uD615"}, //-srcstoretype
+        {"SSL.server.host.and.port",
+                "SSL \uC11C\uBC84 \uD638\uC2A4\uD2B8 \uBC0F \uD3EC\uD2B8"}, //-sslserver
+        {"signed.jar.file",
+                "\uC11C\uBA85\uB41C jar \uD30C\uC77C"}, //=jarfile
+        {"certificate.validity.start.date.time",
+                "\uC778\uC99D\uC11C \uC720\uD6A8 \uAE30\uAC04 \uC2DC\uC791 \uB0A0\uC9DC/\uC2DC\uAC04"}, //-startdate
+        {"keystore.password",
+                "\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638"}, //-storepass
+        {"keystore.type",
+                "\uD0A4 \uC800\uC7A5\uC18C \uC720\uD615"}, //-storetype
+        {"trust.certificates.from.cacerts",
+                "cacerts\uC758 \uBCF4\uC548 \uC778\uC99D\uC11C"}, //-trustcacerts
+        {"verbose.output",
+                "\uC0C1\uC138 \uC815\uBCF4 \uCD9C\uB825"}, //-v
+        {"validity.number.of.days",
+                "\uC720\uD6A8 \uAE30\uAC04 \uC77C \uC218"}, //-validity
+        {"Serial.ID.of.cert.to.revoke",
+                 "\uCCA0\uD68C\uD560 \uC778\uC99D\uC11C\uC758 \uC77C\uB828 ID"}, //-id
+        // keytool: Running part
+        {"keytool.error.", "keytool \uC624\uB958: "},
+        {"Illegal.option.", "\uC798\uBABB\uB41C \uC635\uC158:   "},
+        {"Illegal.value.", "\uC798\uBABB\uB41C \uAC12: "},
+        {"Unknown.password.type.", "\uC54C \uC218 \uC5C6\uB294 \uBE44\uBC00\uBC88\uD638 \uC720\uD615: "},
+        {"Cannot.find.environment.variable.",
+                "\uD658\uACBD \uBCC0\uC218\uB97C \uCC3E\uC744 \uC218 \uC5C6\uC74C: "},
+        {"Cannot.find.file.", "\uD30C\uC77C\uC744 \uCC3E\uC744 \uC218 \uC5C6\uC74C: "},
+        {"Command.option.flag.needs.an.argument.", "\uBA85\uB839 \uC635\uC158 {0}\uC5D0 \uC778\uC218\uAC00 \uD544\uC694\uD569\uB2C8\uB2E4."},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
+                "\uACBD\uACE0: \uB2E4\uB978 \uC800\uC7A5\uC18C \uBC0F \uD0A4 \uBE44\uBC00\uBC88\uD638\uB294 PKCS12 KeyStores\uC5D0 \uB300\uD574 \uC9C0\uC6D0\uB418\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4. \uC0AC\uC6A9\uC790\uAC00 \uC9C0\uC815\uD55C {0} \uAC12\uC744 \uBB34\uC2DC\uD558\uB294 \uC911\uC785\uB2C8\uB2E4."},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "-storetype\uC774 {0}\uC778 \uACBD\uC6B0 -keystore\uB294 NONE\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
+        {"Too.many.retries.program.terminated",
+                 "\uC7AC\uC2DC\uB3C4 \uD69F\uC218\uAC00 \uB108\uBB34 \uB9CE\uC544 \uD504\uB85C\uADF8\uB7A8\uC774 \uC885\uB8CC\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
+                "-storetype\uC774 {0}\uC778 \uACBD\uC6B0 -storepasswd \uBC0F -keypasswd \uBA85\uB839\uC774 \uC9C0\uC6D0\uB418\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."},
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
+                "-storetype\uC774 PKCS12\uC778 \uACBD\uC6B0 -keypasswd \uBA85\uB839\uC774 \uC9C0\uC6D0\uB418\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."},
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
+                "-storetype\uC774 {0}\uC778 \uACBD\uC6B0 -keypass \uBC0F -new\uB97C \uC9C0\uC815\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
+                "-protected\uB97C \uC9C0\uC815\uD55C \uACBD\uC6B0 -storepass, -keypass \uBC0F -new\uB97C \uC9C0\uC815\uD558\uC9C0 \uC54A\uC544\uC57C \uD569\uB2C8\uB2E4."},
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "-srcprotected\uB97C \uC9C0\uC815\uD55C \uACBD\uC6B0 -srcstorepass \uBC0F -srckeypass\uB97C \uC9C0\uC815\uD558\uC9C0 \uC54A\uC544\uC57C \uD569\uB2C8\uB2E4."},
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
+                "\uD0A4 \uC800\uC7A5\uC18C\uAC00 \uBE44\uBC00\uBC88\uD638\uB85C \uBCF4\uD638\uB418\uC9C0 \uC54A\uB294 \uACBD\uC6B0 -storepass, -keypass \uBC0F -new\uB97C \uC9C0\uC815\uD558\uC9C0 \uC54A\uC544\uC57C \uD569\uB2C8\uB2E4."},
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C\uAC00 \uBE44\uBC00\uBC88\uD638\uB85C \uBCF4\uD638\uB418\uC9C0 \uC54A\uB294 \uACBD\uC6B0 -srcstorepass \uBC0F -srckeypass\uB97C \uC9C0\uC815\uD558\uC9C0 \uC54A\uC544\uC57C \uD569\uB2C8\uB2E4."},
+        {"Illegal.startdate.value", "startdate \uAC12\uC774 \uC798\uBABB\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
+        {"Validity.must.be.greater.than.zero",
+                "\uC720\uD6A8 \uAE30\uAC04\uC740 0\uBCF4\uB2E4 \uCEE4\uC57C \uD569\uB2C8\uB2E4."},
+        {"provName.not.a.provider", "{0}\uC740(\uB294) \uC81C\uACF5\uC790\uAC00 \uC544\uB2D9\uB2C8\uB2E4."},
+        {"Usage.error.no.command.provided", "\uC0AC\uC6A9\uBC95 \uC624\uB958: \uBA85\uB839\uC744 \uC785\uB825\uD558\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
+        {"Source.keystore.file.exists.but.is.empty.", "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uD30C\uC77C\uC774 \uC874\uC7AC\uD558\uC9C0\uB9CC \uBE44\uC5B4 \uC788\uC74C: "},
+        {"Please.specify.srckeystore", "-srckeystore\uB97C \uC9C0\uC815\uD558\uC2ED\uC2DC\uC624."},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
+                "'list' \uBA85\uB839\uC5D0 -v\uC640 -rfc\uB97C \uD568\uAED8 \uC9C0\uC815\uD558\uC9C0 \uC54A\uC544\uC57C \uD569\uB2C8\uB2E4."},
+        {"Key.password.must.be.at.least.6.characters",
+                "\uD0A4 \uBE44\uBC00\uBC88\uD638\uB294 6\uC790 \uC774\uC0C1\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
+        {"New.password.must.be.at.least.6.characters",
+                "\uC0C8 \uBE44\uBC00\uBC88\uD638\uB294 6\uC790 \uC774\uC0C1\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
+        {"Keystore.file.exists.but.is.empty.",
+                "\uD0A4 \uC800\uC7A5\uC18C \uD30C\uC77C\uC774 \uC874\uC7AC\uD558\uC9C0\uB9CC \uBE44\uC5B4 \uC788\uC74C: "},
+        {"Keystore.file.does.not.exist.",
+                "\uD0A4 \uC800\uC7A5\uC18C \uD30C\uC77C\uC774 \uC874\uC7AC\uD558\uC9C0 \uC54A\uC74C: "},
+        {"Must.specify.destination.alias", "\uB300\uC0C1 \uBCC4\uCE6D\uC744 \uC9C0\uC815\uD574\uC57C \uD569\uB2C8\uB2E4."},
+        {"Must.specify.alias", "\uBCC4\uCE6D\uC744 \uC9C0\uC815\uD574\uC57C \uD569\uB2C8\uB2E4."},
+        {"Keystore.password.must.be.at.least.6.characters",
+                "\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uB294 6\uC790 \uC774\uC0C1\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
+        {"Enter.keystore.password.", "\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638 \uC785\uB825:  "},
+        {"Enter.source.keystore.password.", "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638 \uC785\uB825:  "},
+        {"Enter.destination.keystore.password.", "\uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638 \uC785\uB825:  "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
+         "\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uAC00 \uB108\uBB34 \uC9E7\uC74C - 6\uC790 \uC774\uC0C1\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
+        {"Unknown.Entry.Type", "\uC54C \uC218 \uC5C6\uB294 \uD56D\uBAA9 \uC720\uD615"},
+        {"Too.many.failures.Alias.not.changed", "\uC624\uB958\uAC00 \uB108\uBB34 \uB9CE\uC2B5\uB2C8\uB2E4. \uBCC4\uCE6D\uC774 \uBCC0\uACBD\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
+        {"Entry.for.alias.alias.successfully.imported.",
+                 "{0} \uBCC4\uCE6D\uC5D0 \uB300\uD55C \uD56D\uBAA9\uC774 \uC131\uACF5\uC801\uC73C\uB85C \uC784\uD3EC\uD2B8\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
+        {"Entry.for.alias.alias.not.imported.", "{0} \uBCC4\uCE6D\uC5D0 \uB300\uD55C \uD56D\uBAA9\uC774 \uC784\uD3EC\uD2B8\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
+                 "{0} \uBCC4\uCE6D\uC5D0 \uB300\uD55C \uD56D\uBAA9\uC744 \uC784\uD3EC\uD2B8\uD558\uB294 \uC911 \uBB38\uC81C \uBC1C\uC0DD: {1}.\n{0} \uBCC4\uCE6D\uC5D0 \uB300\uD55C \uD56D\uBAA9\uC774 \uC784\uD3EC\uD2B8\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
+                 "\uC784\uD3EC\uD2B8 \uBA85\uB839 \uC644\uB8CC: \uC131\uACF5\uC801\uC73C\uB85C \uC784\uD3EC\uD2B8\uB41C \uD56D\uBAA9\uC740 {0}\uAC1C, \uC2E4\uD328\uD558\uAC70\uB098 \uCDE8\uC18C\uB41C \uD56D\uBAA9\uC740 {1}\uAC1C\uC785\uB2C8\uB2E4."},
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
+                 "\uACBD\uACE0: \uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C\uC5D0\uC11C \uAE30\uC874 \uBCC4\uCE6D {0}\uC744(\uB97C) \uACB9\uCCD0 \uC4F0\uB294 \uC911"},
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
+                 "\uAE30\uC874 \uD56D\uBAA9 \uBCC4\uCE6D {0}\uC774(\uAC00) \uC874\uC7AC\uD569\uB2C8\uB2E4. \uACB9\uCCD0 \uC4F0\uACA0\uC2B5\uB2C8\uAE4C? [\uC544\uB2C8\uC624]:  "},
+        {"Too.many.failures.try.later", "\uC624\uB958\uAC00 \uB108\uBB34 \uB9CE\uC74C - \uB098\uC911\uC5D0 \uC2DC\uB3C4\uD558\uC2ED\uC2DC\uC624."},
+        {"Certification.request.stored.in.file.filename.",
+                "\uC778\uC99D \uC694\uCCAD\uC774 <{0}> \uD30C\uC77C\uC5D0 \uC800\uC7A5\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
+        {"Submit.this.to.your.CA", "CA\uC5D0\uAC8C \uC81C\uCD9C\uD558\uC2ED\uC2DC\uC624."},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
+            "\uBCC4\uCE6D\uC744 \uC9C0\uC815\uD558\uC9C0 \uC54A\uC740 \uACBD\uC6B0 destalias, srckeypass \uBC0F destkeypass\uB97C \uC9C0\uC815\uD558\uC9C0 \uC54A\uC544\uC57C \uD569\uB2C8\uB2E4."},
+        {"Certificate.stored.in.file.filename.",
+                "\uC778\uC99D\uC11C\uAC00 <{0}> \uD30C\uC77C\uC5D0 \uC800\uC7A5\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
+        {"Certificate.reply.was.installed.in.keystore",
+                "\uC778\uC99D\uC11C \uD68C\uC2E0\uC774 \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uC124\uCE58\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
+        {"Certificate.reply.was.not.installed.in.keystore",
+                "\uC778\uC99D\uC11C \uD68C\uC2E0\uC774 \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uC124\uCE58\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
+        {"Certificate.was.added.to.keystore",
+                "\uC778\uC99D\uC11C\uAC00 \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uCD94\uAC00\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
+        {"Certificate.was.not.added.to.keystore",
+                "\uC778\uC99D\uC11C\uAC00 \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uCD94\uAC00\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
+        {".Storing.ksfname.", "[{0}\uC744(\uB97C) \uC800\uC7A5\uD558\uB294 \uC911]"},
+        {"alias.has.no.public.key.certificate.",
+                "{0}\uC5D0 \uACF5\uC6A9 \uD0A4(\uC778\uC99D\uC11C)\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"Cannot.derive.signature.algorithm",
+                "\uC11C\uBA85 \uC54C\uACE0\uB9AC\uC998\uC744 \uD30C\uC0DD\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"Alias.alias.does.not.exist",
+                "<{0}> \uBCC4\uCE6D\uC774 \uC874\uC7AC\uD558\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."},
+        {"Alias.alias.has.no.certificate",
+                "<{0}> \uBCC4\uCE6D\uC5D0 \uC778\uC99D\uC11C\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"Key.pair.not.generated.alias.alias.already.exists",
+                "\uD0A4 \uC30D\uC774 \uC0DD\uC131\uB418\uC9C0 \uC54A\uC558\uC73C\uBA70 <{0}> \uBCC4\uCE6D\uC774 \uC874\uC7AC\uD569\uB2C8\uB2E4."},
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
+                "\uB2E4\uC74C\uC5D0 \uB300\uD574 \uC720\uD6A8 \uAE30\uAC04\uC774 {3}\uC77C\uC778 {0}\uBE44\uD2B8 {1} \uD0A4 \uC30D \uBC0F \uC790\uCCB4 \uC11C\uBA85\uB41C \uC778\uC99D\uC11C({2})\uB97C \uC0DD\uC131\uD558\uB294 \uC911\n\t: {4}"},
+        {"Enter.key.password.for.alias.", "<{0}>\uC5D0 \uB300\uD55C \uD0A4 \uBE44\uBC00\uBC88\uD638\uB97C \uC785\uB825\uD558\uC2ED\uC2DC\uC624."},
+        {".RETURN.if.same.as.keystore.password.",
+                "\t(\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uC640 \uB3D9\uC77C\uD55C \uACBD\uC6B0 Enter \uD0A4\uB97C \uB204\uB984):  "},
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
+                "\uD0A4 \uBE44\uBC00\uBC88\uD638\uAC00 \uB108\uBB34 \uC9E7\uC74C - 6\uC790 \uC774\uC0C1\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
+        {"Too.many.failures.key.not.added.to.keystore",
+                "\uC624\uB958\uAC00 \uB108\uBB34 \uB9CE\uC74C - \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uD0A4\uAC00 \uCD94\uAC00\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
+        {"Destination.alias.dest.already.exists",
+                "\uB300\uC0C1 \uBCC4\uCE6D <{0}>\uC774(\uAC00) \uC874\uC7AC\uD569\uB2C8\uB2E4."},
+        {"Password.is.too.short.must.be.at.least.6.characters",
+                "\uBE44\uBC00\uBC88\uD638\uAC00 \uB108\uBB34 \uC9E7\uC74C - 6\uC790 \uC774\uC0C1\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
+        {"Too.many.failures.Key.entry.not.cloned",
+                "\uC624\uB958\uAC00 \uB108\uBB34 \uB9CE\uC2B5\uB2C8\uB2E4. \uD0A4 \uD56D\uBAA9\uC774 \uBCF5\uC81C\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
+        {"key.password.for.alias.", "<{0}>\uC5D0 \uB300\uD55C \uD0A4 \uBE44\uBC00\uBC88\uD638"},
+        {"Keystore.entry.for.id.getName.already.exists",
+                "<{0}>\uC5D0 \uB300\uD55C \uD0A4 \uC800\uC7A5\uC18C \uD56D\uBAA9\uC774 \uC874\uC7AC\uD569\uB2C8\uB2E4."},
+        {"Creating.keystore.entry.for.id.getName.",
+                "<{0}>\uC5D0 \uB300\uD55C \uD0A4 \uC800\uC7A5\uC18C \uD56D\uBAA9\uC744 \uC0DD\uC131\uD558\uB294 \uC911..."},
+        {"No.entries.from.identity.database.added",
+                "ID \uB370\uC774\uD130\uBCA0\uC774\uC2A4\uC5D0\uC11C \uCD94\uAC00\uB41C \uD56D\uBAA9\uC774 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"Alias.name.alias", "\uBCC4\uCE6D \uC774\uB984: {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
+                "\uC0DD\uC131 \uB0A0\uC9DC: {0,date}"},
+        {"alias.keyStore.getCreationDate.alias.",
+                "{0}, {1,date}, "},
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "\uD56D\uBAA9 \uC720\uD615: {0}"},
+        {"Certificate.chain.length.", "\uC778\uC99D\uC11C \uCCB4\uC778 \uAE38\uC774: "},
+        {"Certificate.i.1.", "\uC778\uC99D\uC11C[{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "\uC778\uC99D\uC11C \uC9C0\uBB38(SHA1): "},
+        {"Keystore.type.", "\uD0A4 \uC800\uC7A5\uC18C \uC720\uD615: "},
+        {"Keystore.provider.", "\uD0A4 \uC800\uC7A5\uC18C \uC81C\uACF5\uC790: "},
+        {"Your.keystore.contains.keyStore.size.entry",
+                "\uD0A4 \uC800\uC7A5\uC18C\uC5D0 {0,number,integer}\uAC1C\uC758 \uD56D\uBAA9\uC774 \uD3EC\uD568\uB418\uC5B4 \uC788\uC2B5\uB2C8\uB2E4."},
+        {"Your.keystore.contains.keyStore.size.entries",
+                "\uD0A4 \uC800\uC7A5\uC18C\uC5D0 {0,number,integer}\uAC1C\uC758 \uD56D\uBAA9\uC774 \uD3EC\uD568\uB418\uC5B4 \uC788\uC2B5\uB2C8\uB2E4."},
+        {"Failed.to.parse.input", "\uC785\uB825\uAC12\uC758 \uAD6C\uBB38 \uBD84\uC11D\uC744 \uC2E4\uD328\uD588\uC2B5\uB2C8\uB2E4."},
+        {"Empty.input", "\uC785\uB825\uAC12\uC774 \uBE44\uC5B4 \uC788\uC2B5\uB2C8\uB2E4."},
+        {"Not.X.509.certificate", "X.509 \uC778\uC99D\uC11C\uAC00 \uC544\uB2D9\uB2C8\uB2E4."},
+        {"alias.has.no.public.key", "{0}\uC5D0 \uACF5\uC6A9 \uD0A4\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"alias.has.no.X.509.certificate", "{0}\uC5D0 X.509 \uC778\uC99D\uC11C\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"New.certificate.self.signed.", "\uC0C8 \uC778\uC99D\uC11C(\uC790\uCCB4 \uC11C\uBA85):"},
+        {"Reply.has.no.certificates", "\uD68C\uC2E0\uC5D0 \uC778\uC99D\uC11C\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"Certificate.not.imported.alias.alias.already.exists",
+                "\uC778\uC99D\uC11C\uAC00 \uC784\uD3EC\uD2B8\uB418\uC9C0 \uC54A\uC558\uC73C\uBA70 <{0}> \uBCC4\uCE6D\uC774 \uC874\uC7AC\uD569\uB2C8\uB2E4."},
+        {"Input.not.an.X.509.certificate", "\uC785\uB825\uC774 X.509 \uC778\uC99D\uC11C\uAC00 \uC544\uB2D9\uB2C8\uB2E4."},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
+                "\uC778\uC99D\uC11C\uAC00 <{0}> \uBCC4\uCE6D \uC544\uB798\uC758 \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uC874\uC7AC\uD569\uB2C8\uB2E4."},
+        {"Do.you.still.want.to.add.it.no.",
+                "\uCD94\uAC00\uD558\uACA0\uC2B5\uB2C8\uAE4C? [\uC544\uB2C8\uC624]:  "},
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
+                "\uC778\uC99D\uC11C\uAC00 <{0}> \uBCC4\uCE6D \uC544\uB798\uC5D0 \uC788\uB294 \uC2DC\uC2A4\uD15C \uCC28\uC6D0\uC758 CA \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uC874\uC7AC\uD569\uB2C8\uB2E4."},
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
+                "\uACE0\uC720\uD55C \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uCD94\uAC00\uD558\uACA0\uC2B5\uB2C8\uAE4C? [\uC544\uB2C8\uC624]:  "},
+        {"Trust.this.certificate.no.", "\uC774 \uC778\uC99D\uC11C\uB97C \uC2E0\uB8B0\uD569\uB2C8\uAE4C? [\uC544\uB2C8\uC624]:  "},
+        {"YES", "\uC608"},
+        {"New.prompt.", "\uC0C8 {0}: "},
+        {"Passwords.must.differ", "\uBE44\uBC00\uBC88\uD638\uB294 \uB2EC\uB77C\uC57C \uD569\uB2C8\uB2E4."},
+        {"Re.enter.new.prompt.", "\uC0C8 {0} \uB2E4\uC2DC \uC785\uB825: "},
+        {"Re.enter.new.password.", "\uC0C8 \uBE44\uBC00\uBC88\uD638 \uB2E4\uC2DC \uC785\uB825: "},
+        {"They.don.t.match.Try.again", "\uC77C\uCE58\uD558\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4. \uB2E4\uC2DC \uC2DC\uB3C4\uD558\uC2ED\uC2DC\uC624."},
+        {"Enter.prompt.alias.name.", "{0} \uBCC4\uCE6D \uC774\uB984 \uC785\uB825:  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
+                 "\uC0C8 \uBCC4\uCE6D \uC774\uB984 \uC785\uB825\t(\uC774 \uD56D\uBAA9\uC5D0 \uB300\uD55C \uC784\uD3EC\uD2B8\uB97C \uCDE8\uC18C\uD558\uB824\uBA74 Enter \uD0A4\uB97C \uB204\uB984):  "},
+        {"Enter.alias.name.", "\uBCC4\uCE6D \uC774\uB984 \uC785\uB825:  "},
+        {".RETURN.if.same.as.for.otherAlias.",
+                "\t(<{0}>\uACFC(\uC640) \uB3D9\uC77C\uD55C \uACBD\uC6B0 Enter \uD0A4\uB97C \uB204\uB984)"},
+        {".PATTERN.printX509Cert",
+                "\uC18C\uC720\uC790: {0}\n\uBC1C\uD589\uC790: {1}\n\uC77C\uB828 \uBC88\uD638: {2}\n\uC801\uD569\uD55C \uC2DC\uC791 \uB0A0\uC9DC: {3}, \uC885\uB8CC \uB0A0\uC9DC: {4}\n\uC778\uC99D\uC11C \uC9C0\uBB38:\n\t MD5: {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t \uC11C\uBA85 \uC54C\uACE0\uB9AC\uC998 \uC774\uB984: {8}\n\t \uBC84\uC804: {9}"},
+        {"What.is.your.first.and.last.name.",
+                "\uC774\uB984\uACFC \uC131\uC744 \uC785\uB825\uD558\uC2ED\uC2DC\uC624."},
+        {"What.is.the.name.of.your.organizational.unit.",
+                "\uC870\uC9C1 \uB2E8\uC704 \uC774\uB984\uC744 \uC785\uB825\uD558\uC2ED\uC2DC\uC624."},
+        {"What.is.the.name.of.your.organization.",
+                "\uC870\uC9C1 \uC774\uB984\uC744 \uC785\uB825\uD558\uC2ED\uC2DC\uC624."},
+        {"What.is.the.name.of.your.City.or.Locality.",
+                "\uAD6C/\uAD70/\uC2DC \uC774\uB984\uC744 \uC785\uB825\uD558\uC2ED\uC2DC\uC624?"},
+        {"What.is.the.name.of.your.State.or.Province.",
+                "\uC2DC/\uB3C4 \uC774\uB984\uC744 \uC785\uB825\uD558\uC2ED\uC2DC\uC624."},
+        {"What.is.the.two.letter.country.code.for.this.unit.",
+                "\uC774 \uC870\uC9C1\uC758 \uB450 \uC790\uB9AC \uAD6D\uAC00 \uCF54\uB4DC\uB97C \uC785\uB825\uD558\uC2ED\uC2DC\uC624."},
+        {"Is.name.correct.", "{0}\uC774(\uAC00) \uB9DE\uC2B5\uB2C8\uAE4C?"},
+        {"no", "\uC544\uB2C8\uC624"},
+        {"yes", "\uC608"},
+        {"y", "y"},
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
+                "<{0}> \uBCC4\uCE6D\uC5D0 \uD0A4\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
+                 "<{0}> \uBCC4\uCE6D\uC740 \uC804\uC6A9 \uD0A4 \uD56D\uBAA9\uC774 \uC544\uB2CC \uD56D\uBAA9 \uC720\uD615\uC744 \uCC38\uC870\uD569\uB2C8\uB2E4. -keyclone \uBA85\uB839\uC740 \uC804\uC6A9 \uD0A4 \uD56D\uBAA9\uC758 \uBCF5\uC81C\uB9CC \uC9C0\uC6D0\uD569\uB2C8\uB2E4."},
+
+        {".WARNING.WARNING.WARNING.",
+            "*****************  \uACBD\uACE0 \uACBD\uACE0 \uACBD\uACE0  *****************"},
+        {"Signer.d.", "\uC11C\uBA85\uC790 #%d:"},
+        {"Timestamp.", "\uC2DC\uAC04 \uAE30\uB85D:"},
+        {"Signature.", "\uC11C\uBA85:"},
+        {"CRLs.", "CRL:"},
+        {"Certificate.owner.", "\uC778\uC99D\uC11C \uC18C\uC720\uC790: "},
+        {"Not.a.signed.jar.file", "\uC11C\uBA85\uB41C jar \uD30C\uC77C\uC774 \uC544\uB2D9\uB2C8\uB2E4."},
+        {"No.certificate.from.the.SSL.server",
+                "SSL \uC11C\uBC84\uC5D0\uC11C \uAC00\uC838\uC628 \uC778\uC99D\uC11C\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
+
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
+            "* \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uC800\uC7A5\uB41C \uC815\uBCF4\uC758 \uBB34\uACB0\uC131\uC774  *\n* \uD655\uC778\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4! \uBB34\uACB0\uC131\uC744 \uD655\uC778\uD558\uB824\uBA74, *\n* \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uB97C \uC81C\uACF5\uD574\uC57C \uD569\uB2C8\uB2E4.                  *"},
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
+            "* srckeystore\uC5D0 \uC800\uC7A5\uB41C \uC815\uBCF4\uC758 \uBB34\uACB0\uC131\uC774  *\n* \uD655\uC778\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4! \uBB34\uACB0\uC131\uC744 \uD655\uC778\uD558\uB824\uBA74, *\n* srckeystore \uBE44\uBC00\uBC88\uD638\uB97C \uC81C\uACF5\uD574\uC57C \uD569\uB2C8\uB2E4.                  *"},
+
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
+                "\uC778\uC99D\uC11C \uD68C\uC2E0\uC5D0 <{0}>\uC5D0 \uB300\uD55C \uACF5\uC6A9 \uD0A4\uAC00 \uD3EC\uD568\uB418\uC5B4 \uC788\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."},
+        {"Incomplete.certificate.chain.in.reply",
+                "\uD68C\uC2E0\uC5D0 \uBD88\uC644\uC804\uD55C \uC778\uC99D\uC11C \uCCB4\uC778\uC774 \uC788\uC2B5\uB2C8\uB2E4."},
+        {"Certificate.chain.in.reply.does.not.verify.",
+                "\uD68C\uC2E0\uC758 \uC778\uC99D\uC11C \uCCB4\uC778\uC774 \uD655\uC778\uB418\uC9C0 \uC54A\uC74C: "},
+        {"Top.level.certificate.in.reply.",
+                "\uD68C\uC2E0\uC5D0 \uCD5C\uC0C1\uC704 \uB808\uBCA8 \uC778\uC99D\uC11C\uAC00 \uC788\uC74C:\n"},
+        {".is.not.trusted.", "...\uC744(\uB97C) \uC2E0\uB8B0\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4. "},
+        {"Install.reply.anyway.no.", "\uD68C\uC2E0\uC744 \uC124\uCE58\uD558\uACA0\uC2B5\uB2C8\uAE4C? [\uC544\uB2C8\uC624]:  "},
+        {"NO", "\uC544\uB2C8\uC624"},
+        {"Public.keys.in.reply.and.keystore.don.t.match",
+                "\uD68C\uC2E0\uACFC \uD0A4 \uC800\uC7A5\uC18C\uC758 \uACF5\uC6A9 \uD0A4\uAC00 \uC77C\uCE58\uD558\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."},
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
+                "\uD68C\uC2E0\uACFC \uD0A4 \uC800\uC7A5\uC18C\uC758 \uC778\uC99D\uC11C\uAC00 \uB3D9\uC77C\uD569\uB2C8\uB2E4."},
+        {"Failed.to.establish.chain.from.reply",
+                "\uD68C\uC2E0\uC758 \uCCB4\uC778 \uC124\uC815\uC744 \uC2E4\uD328\uD588\uC2B5\uB2C8\uB2E4."},
+        {"n", "n"},
+        {"Wrong.answer.try.again", "\uC798\uBABB\uB41C \uC751\uB2F5\uC785\uB2C8\uB2E4. \uB2E4\uC2DC \uC2DC\uB3C4\uD558\uC2ED\uC2DC\uC624."},
+        {"Secret.key.not.generated.alias.alias.already.exists",
+                "\uBCF4\uC548 \uD0A4\uAC00 \uC0DD\uC131\uB418\uC9C0 \uC54A\uC558\uC73C\uBA70 <{0}> \uBCC4\uCE6D\uC774 \uC874\uC7AC\uD569\uB2C8\uB2E4."},
+        {"Please.provide.keysize.for.secret.key.generation",
+                "\uBCF4\uC548 \uD0A4\uB97C \uC0DD\uC131\uD558\uB824\uBA74 -keysize\uB97C \uC81C\uACF5\uD558\uC2ED\uC2DC\uC624."},
+
+        {"Extensions.", "\uD655\uC7A5: "},
+        {".Empty.value.", "(\uBE44\uC5B4 \uC788\uB294 \uAC12)"},
+        {"Extension.Request.", "\uD655\uC7A5 \uC694\uCCAD:"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
+                "PKCS #10 \uC778\uC99D\uC11C \uC694\uCCAD(1.0 \uBC84\uC804)\n\uC81C\uBAA9: %s\n\uACF5\uC6A9 \uD0A4: %s \uD615\uC2DD %s \uD0A4\n"},
+        {"Unknown.keyUsage.type.", "\uC54C \uC218 \uC5C6\uB294 keyUsage \uC720\uD615: "},
+        {"Unknown.extendedkeyUsage.type.", "\uC54C \uC218 \uC5C6\uB294 extendedkeyUsage \uC720\uD615: "},
+        {"Unknown.AccessDescription.type.", "\uC54C \uC218 \uC5C6\uB294 AccessDescription \uC720\uD615: "},
+        {"Unrecognized.GeneralName.type.", "\uC54C \uC218 \uC5C6\uB294 GeneralName \uC720\uD615: "},
+        {"This.extension.cannot.be.marked.as.critical.",
+                 "\uC774 \uD655\uC7A5\uC740 \uC911\uC694\uD55C \uAC83\uC73C\uB85C \uD45C\uC2DC\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4. "},
+        {"Odd.number.of.hex.digits.found.", "\uD640\uC218 \uAC1C\uC758 16\uC9C4\uC218\uAC00 \uBC1C\uACAC\uB428: "},
+        {"Unknown.extension.type.", "\uC54C \uC218 \uC5C6\uB294 \uD655\uC7A5 \uC720\uD615: "},
+        {"command.{0}.is.ambiguous.", "{0} \uBA85\uB839\uC774 \uBAA8\uD638\uD568:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Resources_pt_BR.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,431 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the keytool.
+ *
+ */
+public class Resources_pt_BR extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"STAR",
+                "*******************************************"},
+        {"STARNN",
+                "*******************************************\n\n"},
+
+        // keytool: Help part
+// "Option" should be translated.
+        {".OPTION.", " [Op\u00E7\u00E3o]..."},
+        {"Options.", "Op\u00E7\u00F5es:"},
+        {"Use.keytool.help.for.all.available.commands",
+                 "Use \"keytool -help\" para todos os comandos dispon\u00EDveis"},
+        {"Key.and.Certificate.Management.Tool",
+                 "Ferramenta de Gerenciamento de Chave e Certificado"},
+        {"Commands.", "Comandos:"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
+                "Use \"keytool -command_name -help\" para uso de command_name"},
+        // keytool: help: commands
+        {"Generates.a.certificate.request",
+                "Gera uma solicita\u00E7\u00E3o de certificado"}, //-certreq
+        {"Changes.an.entry.s.alias",
+                "Altera um alias de entrada"}, //-changealias
+        {"Deletes.an.entry",
+                "Deleta uma entrada"}, //-delete
+        {"Exports.certificate",
+                "Exporta o certificado"}, //-exportcert
+        {"Generates.a.key.pair",
+                "Gera um par de chaves"}, //-genkeypair
+// translation of "secret" key should be different to "private" key.
+        {"Generates.a.secret.key",
+                "Gera uma chave Secreta"}, //-genseckey
+        {"Generates.certificate.from.a.certificate.request",
+                "Gera um certificado de uma solicita\u00E7\u00E3o de certificado"}, //-gencert
+        {"Generates.CRL", "Gera CRL"}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+                "Importa entradas de um banco de dados de identidade JDK 1.1.x-style"}, //-identitydb
+        {"Imports.a.certificate.or.a.certificate.chain",
+                "Importa um certificado ou uma cadeia de certificados"}, //-importcert
+        {"Imports.one.or.all.entries.from.another.keystore",
+                "Importa uma ou todas as entradas de outra \u00E1rea de armazenamento de chaves"}, //-importkeystore
+        {"Clones.a.key.entry",
+                "Clona uma entrada de chave"}, //-keyclone
+        {"Changes.the.key.password.of.an.entry",
+                "Altera a senha da chave de uma entrada"}, //-keypasswd
+        {"Lists.entries.in.a.keystore",
+                "Lista entradas em uma \u00E1rea de armazenamento de chaves"}, //-list
+        {"Prints.the.content.of.a.certificate",
+                "Imprime o conte\u00FAdo de um certificado"}, //-printcert
+        {"Prints.the.content.of.a.certificate.request",
+                "Imprime o conte\u00FAdo de uma solicita\u00E7\u00E3o de certificado"}, //-printcertreq
+        {"Prints.the.content.of.a.CRL.file",
+                "Imprime o conte\u00FAdo de um arquivo CRL"}, //-printcrl
+        {"Generates.a.self.signed.certificate",
+                "Gera um certificado autoassinado"}, //-selfcert
+        {"Changes.the.store.password.of.a.keystore",
+                "Altera a senha de armazenamento de uma \u00E1rea de armazenamento de chaves"}, //-storepasswd
+        // keytool: help: options
+        {"alias.name.of.the.entry.to.process",
+                "nome do alias da entrada a ser processada"}, //-alias
+        {"destination.alias",
+                "alias de destino"}, //-destalias
+        {"destination.key.password",
+                "senha da chave de destino"}, //-destkeypass
+        {"destination.keystore.name",
+                "nome da \u00E1rea de armazenamento de chaves de destino"}, //-destkeystore
+        {"destination.keystore.password.protected",
+                "senha protegida da \u00E1rea de armazenamento de chaves de destino"}, //-destprotected
+        {"destination.keystore.provider.name",
+                "nome do fornecedor da \u00E1rea de armazenamento de chaves de destino"}, //-destprovidername
+        {"destination.keystore.password",
+                "senha da \u00E1rea de armazenamento de chaves de destino"}, //-deststorepass
+        {"destination.keystore.type",
+                "tipo de \u00E1rea de armazenamento de chaves de destino"}, //-deststoretype
+        {"distinguished.name",
+                "nome distinto"}, //-dname
+        {"X.509.extension",
+                "extens\u00E3o X.509"}, //-ext
+        {"output.file.name",
+                "nome do arquivo de sa\u00EDda"}, //-file and -outfile
+        {"input.file.name",
+                "nome do arquivo de entrada"}, //-file and -infile
+        {"key.algorithm.name",
+                "nome do algoritmo da chave"}, //-keyalg
+        {"key.password",
+                "senha da chave"}, //-keypass
+        {"key.bit.size",
+                "tamanho do bit da chave"}, //-keysize
+        {"keystore.name",
+                "nome da \u00E1rea de armazenamento de chaves"}, //-keystore
+        {"new.password",
+                "nova senha"}, //-new
+        {"do.not.prompt",
+                "n\u00E3o perguntar"}, //-noprompt
+        {"password.through.protected.mechanism",
+                "senha por meio de mecanismo protegido"}, //-protected
+        {"provider.argument",
+                "argumento do fornecedor"}, //-providerarg
+        {"provider.class.name",
+                "nome da classe do fornecedor"}, //-providerclass
+        {"provider.name",
+                "nome do fornecedor"}, //-providername
+        {"provider.classpath",
+                "classpath do fornecedor"}, //-providerpath
+        {"output.in.RFC.style",
+                "sa\u00EDda no estilo RFC"}, //-rfc
+        {"signature.algorithm.name",
+                "nome do algoritmo de assinatura"}, //-sigalg
+        {"source.alias",
+                "alias de origem"}, //-srcalias
+        {"source.key.password",
+                "senha da chave de origem"}, //-srckeypass
+        {"source.keystore.name",
+                "nome da \u00E1rea de armazenamento de chaves de origem"}, //-srckeystore
+        {"source.keystore.password.protected",
+                "senha protegida da \u00E1rea de armazenamento de chaves de origem"}, //-srcprotected
+        {"source.keystore.provider.name",
+                "nome do fornecedor da \u00E1rea de armazenamento de chaves de origem"}, //-srcprovidername
+        {"source.keystore.password",
+                "senha da \u00E1rea de armazenamento de chaves de origem"}, //-srcstorepass
+        {"source.keystore.type",
+                "tipo de \u00E1rea de armazenamento de chaves de origem"}, //-srcstoretype
+        {"SSL.server.host.and.port",
+                "porta e host do servidor SSL"}, //-sslserver
+        {"signed.jar.file",
+                "arquivo jar assinado"}, //=jarfile
+        {"certificate.validity.start.date.time",
+                "data/hora inicial de validade do certificado"}, //-startdate
+        {"keystore.password",
+                "senha da \u00E1rea de armazenamento de chaves"}, //-storepass
+        {"keystore.type",
+                "tipo de \u00E1rea de armazenamento de chaves"}, //-storetype
+        {"trust.certificates.from.cacerts",
+                "certificados confi\u00E1veis do cacerts"}, //-trustcacerts
+        {"verbose.output",
+                "sa\u00EDda detalhada"}, //-v
+        {"validity.number.of.days",
+                "n\u00FAmero de dias da validade"}, //-validity
+        {"Serial.ID.of.cert.to.revoke",
+                 "ID de s\u00E9rie do certificado a ser revogado"}, //-id
+        // keytool: Running part
+        {"keytool.error.", "erro de keytool: "},
+        {"Illegal.option.", "Op\u00E7\u00E3o inv\u00E1lida:  "},
+        {"Illegal.value.", "Valor inv\u00E1lido: "},
+        {"Unknown.password.type.", "Tipo de senha desconhecido: "},
+        {"Cannot.find.environment.variable.",
+                "N\u00E3o \u00E9 poss\u00EDvel localizar a vari\u00E1vel do ambiente: "},
+        {"Cannot.find.file.", "N\u00E3o \u00E9 poss\u00EDvel localizar o arquivo: "},
+        {"Command.option.flag.needs.an.argument.", "A op\u00E7\u00E3o de comando {0} precisa de um argumento."},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
+                "Advert\u00EAncia: Senhas de chave e de armazenamento diferentes n\u00E3o suportadas para KeyStores PKCS12. Ignorando valor {0} especificado pelo usu\u00E1rio."},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "-keystore deve ser NONE se -storetype for {0}"},
+        {"Too.many.retries.program.terminated",
+                 "Excesso de tentativas de repeti\u00E7\u00E3o; programa finalizado"},
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
+                "comandos -storepasswd e -keypasswd n\u00E3o suportados se -storetype for {0}"},
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
+                "comandos -keypasswd n\u00E3o suportados se -storetype for PKCS12"},
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
+                "-keypass e -new n\u00E3o podem ser especificados se -storetype for {0}"},
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
+                "se -protected for especificado, ent\u00E3o -storepass, -keypass e -new n\u00E3o dever\u00E3o ser especificados"},
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "se -srcprotected for especificado, ent\u00E3o -srcstorepass e -srckeypass n\u00E3o dever\u00E3o ser especificados"},
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
+                "se a \u00E1rea de armazenamento de chaves n\u00E3o estiver protegida por senha, ent\u00E3o -storepass, -keypass e -new n\u00E3o dever\u00E3o ser especificados"},
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "se a \u00E1rea de armazenamento de chaves de origem n\u00E3o estiver protegida por senha, ent\u00E3o -srcstorepass e -srckeypass n\u00E3o dever\u00E3o ser especificados"},
+        {"Illegal.startdate.value", "valor da data inicial inv\u00E1lido"},
+        {"Validity.must.be.greater.than.zero",
+                "A validade deve ser maior do que zero"},
+        {"provName.not.a.provider", "{0} n\u00E3o \u00E9 um fornecedor"},
+        {"Usage.error.no.command.provided", "Erro de uso: nenhum comando fornecido"},
+        {"Source.keystore.file.exists.but.is.empty.", "O arquivo da \u00E1rea de armazenamento de chaves de origem existe, mas est\u00E1 vazio: "},
+        {"Please.specify.srckeystore", "Especifique -srckeystore"},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
+                "N\u00E3o devem ser especificados -v e -rfc com o comando 'list'"},
+        {"Key.password.must.be.at.least.6.characters",
+                "A senha da chave deve ter, no m\u00EDnimo, 6 caracteres"},
+        {"New.password.must.be.at.least.6.characters",
+                "A nova senha deve ter, no m\u00EDnimo, 6 caracteres"},
+        {"Keystore.file.exists.but.is.empty.",
+                "O arquivo da \u00E1rea de armazenamento de chaves existe, mas est\u00E1 vazio: "},
+        {"Keystore.file.does.not.exist.",
+                "O arquivo da \u00E1rea de armazenamento de chaves n\u00E3o existe. "},
+        {"Must.specify.destination.alias", "Deve ser especificado um alias de destino"},
+        {"Must.specify.alias", "Deve ser especificado um alias"},
+        {"Keystore.password.must.be.at.least.6.characters",
+                "A senha da \u00E1rea de armazenamento de chaves deve ter, no m\u00EDnimo, 6 caracteres"},
+        {"Enter.keystore.password.", "Informe a senha da \u00E1rea de armazenamento de chaves:  "},
+        {"Enter.source.keystore.password.", "Informe a senha da \u00E1rea de armazenamento de chaves de origem:  "},
+        {"Enter.destination.keystore.password.", "Informe a senha da \u00E1rea de armazenamento de chaves de destino:  "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
+         "A senha da \u00E1rea de armazenamento de chaves \u00E9 muito curta - ela deve ter, no m\u00EDnimo, 6 caracteres"},
+        {"Unknown.Entry.Type", "Tipo de Entrada Desconhecido"},
+        {"Too.many.failures.Alias.not.changed", "Excesso de falhas. Alias n\u00E3o alterado"},
+        {"Entry.for.alias.alias.successfully.imported.",
+                 "Entrada do alias {0} importada com \u00EAxito."},
+        {"Entry.for.alias.alias.not.imported.", "Entrada do alias {0} n\u00E3o importada."},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
+                 "Problema ao importar a entrada do alias {0}: {1}.\nEntrada do alias {0} n\u00E3o importada."},
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
+                 "Comando de importa\u00E7\u00E3o conclu\u00EDdo:  {0} entradas importadas com \u00EAxito, {1} entradas falharam ou foram canceladas"},
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
+                 "Advert\u00EAncia: Substitui\u00E7\u00E3o do alias {0} existente na \u00E1rea de armazenamento de chaves de destino"},
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
+                 "Entrada j\u00E1 existente no alias {0}, substituir? [n\u00E3o]:  "},
+        {"Too.many.failures.try.later", "Excesso de falhas - tente mais tarde"},
+        {"Certification.request.stored.in.file.filename.",
+                "Solicita\u00E7\u00E3o de certificado armazenada no arquivo <{0}>"},
+        {"Submit.this.to.your.CA", "Submeter \u00E0 CA"},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
+            "se o alias n\u00E3o estiver especificado, destalias, srckeypass e destkeypass n\u00E3o dever\u00E3o ser especificados"},
+        {"Certificate.stored.in.file.filename.",
+                "Certificado armazenado no arquivo <{0}>"},
+        {"Certificate.reply.was.installed.in.keystore",
+                "A resposta do certificado foi instalada na \u00E1rea de armazenamento de chaves"},
+        {"Certificate.reply.was.not.installed.in.keystore",
+                "A resposta do certificado n\u00E3o foi instalada na \u00E1rea de armazenamento de chaves"},
+        {"Certificate.was.added.to.keystore",
+                "O certificado foi adicionado \u00E0 \u00E1rea de armazenamento de chaves"},
+        {"Certificate.was.not.added.to.keystore",
+                "O certificado n\u00E3o foi adicionado \u00E0 \u00E1rea de armazenamento de chaves"},
+        {".Storing.ksfname.", "[Armazenando {0}]"},
+        {"alias.has.no.public.key.certificate.",
+                "{0} n\u00E3o tem chave p\u00FAblica (certificado)"},
+        {"Cannot.derive.signature.algorithm",
+                "N\u00E3o \u00E9 poss\u00EDvel obter um algoritmo de assinatura"},
+        {"Alias.alias.does.not.exist",
+                "O alias <{0}> n\u00E3o existe"},
+        {"Alias.alias.has.no.certificate",
+                "O alias <{0}> n\u00E3o tem certificado"},
+        {"Key.pair.not.generated.alias.alias.already.exists",
+                "Par de chaves n\u00E3o gerado; o alias <{0}> j\u00E1 existe"},
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
+                "Gerando o par de chaves {1} de {0} bit e o certificado autoassinado ({2}) com uma validade de {3} dias\n\tpara: {4}"},
+        {"Enter.key.password.for.alias.", "Informar a senha da chave de <{0}>"},
+        {".RETURN.if.same.as.keystore.password.",
+                "\t(RETURN se for igual \u00E0 senha da \u00E1rea do armazenamento de chaves):  "},
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
+                "A senha da chave \u00E9 muito curta - deve ter, no m\u00EDnimo, 6 caracteres"},
+        {"Too.many.failures.key.not.added.to.keystore",
+                "Excesso de falhas - chave n\u00E3o adicionada a \u00E1rea de armazenamento de chaves"},
+        {"Destination.alias.dest.already.exists",
+                "O alias de destino <{0}> j\u00E1 existe"},
+        {"Password.is.too.short.must.be.at.least.6.characters",
+                "A senha \u00E9 muito curta - deve ter, no m\u00EDnimo, 6 caracteres"},
+        {"Too.many.failures.Key.entry.not.cloned",
+                "Excesso de falhas. Entrada da chave n\u00E3o clonada"},
+        {"key.password.for.alias.", "senha da chave de <{0}>"},
+        {"Keystore.entry.for.id.getName.already.exists",
+                "A entrada da \u00E1rea do armazenamento de chaves de <{0}> j\u00E1 existe"},
+        {"Creating.keystore.entry.for.id.getName.",
+                "Criando entrada da \u00E1rea do armazenamento de chaves para <{0}> ..."},
+        {"No.entries.from.identity.database.added",
+                "Nenhuma entrada adicionada do banco de dados de identidades"},
+        {"Alias.name.alias", "Nome do alias: {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
+                "Data de cria\u00E7\u00E3o: {0,date}"},
+        {"alias.keyStore.getCreationDate.alias.",
+                "{0}, {1,date}, "},
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "Tipo de entrada: {0}"},
+        {"Certificate.chain.length.", "Comprimento da cadeia de certificados: "},
+        {"Certificate.i.1.", "Certificado[{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "Fingerprint (MD5) do certificado: "},
+        {"Keystore.type.", "Tipo de \u00E1rea de armazenamento de chaves: "},
+        {"Keystore.provider.", "Fornecedor da \u00E1rea de armazenamento de chaves: "},
+        {"Your.keystore.contains.keyStore.size.entry",
+                "Sua \u00E1rea de armazenamento de chaves cont\u00E9m {0,number,integer} entrada"},
+        {"Your.keystore.contains.keyStore.size.entries",
+                "Sua \u00E1rea de armazenamento de chaves cont\u00E9m {0,number,integer} entradas"},
+        {"Failed.to.parse.input", "Falha durante o parse da entrada"},
+        {"Empty.input", "Entrada vazia"},
+        {"Not.X.509.certificate", "N\u00E3o \u00E9 um certificado X.509"},
+        {"alias.has.no.public.key", "{0} n\u00E3o tem chave p\u00FAblica"},
+        {"alias.has.no.X.509.certificate", "{0} n\u00E3o tem certificado X.509"},
+        {"New.certificate.self.signed.", "Novo certificado (autoassinado):"},
+        {"Reply.has.no.certificates", "A resposta n\u00E3o tem certificado"},
+        {"Certificate.not.imported.alias.alias.already.exists",
+                "Certificado n\u00E3o importado, o alias <{0}> j\u00E1 existe"},
+        {"Input.not.an.X.509.certificate", "A entrada n\u00E3o \u00E9 um certificado X.509"},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
+                "O certificado j\u00E1 existe no armazenamento de chaves no alias <{0}>"},
+        {"Do.you.still.want.to.add.it.no.",
+                "Ainda deseja adicion\u00E1-lo? [n\u00E3o]:  "},
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
+                "O certificado j\u00E1 existe na \u00E1rea de armazenamento de chaves da CA em todo o sistema no alias <{0}>"},
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
+                "Ainda deseja adicion\u00E1-lo \u00E0 sua \u00E1rea de armazenamento de chaves? [n\u00E3o]:  "},
+        {"Trust.this.certificate.no.", "Confiar neste certificado? [n\u00E3o]:  "},
+        {"YES", "Sim"},
+        {"New.prompt.", "Nova {0}: "},
+        {"Passwords.must.differ", "As senhas devem ser diferentes"},
+        {"Re.enter.new.prompt.", "Informe novamente a nova {0}: "},
+        {"Re.enter.new.password.", "Informe novamente a nova senha: "},
+        {"They.don.t.match.Try.again", "Elas n\u00E3o correspondem. Tente novamente"},
+        {"Enter.prompt.alias.name.", "Informe o nome do alias {0}:  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
+                 "Informe o novo nome do alias\t(RETURN para cancelar a importa\u00E7\u00E3o desta entrada):  "},
+        {"Enter.alias.name.", "Informe o nome do alias:  "},
+        {".RETURN.if.same.as.for.otherAlias.",
+                "\t(RETURN se for igual ao de <{0}>)"},
+        {".PATTERN.printX509Cert",
+                "Propriet\u00E1rio: {0}\nEmissor: {1}\nN\u00FAmero de s\u00E9rie: {2}\nV\u00E1lido de: {3} a: {4}\nFingerprints do certificado:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Nome do algoritmo de assinatura: {8}\n\t Vers\u00E3o: {9}"},
+        {"What.is.your.first.and.last.name.",
+                "Qual \u00E9 o seu nome e o seu sobrenome?"},
+        {"What.is.the.name.of.your.organizational.unit.",
+                "Qual \u00E9 o nome da sua unidade organizacional?"},
+        {"What.is.the.name.of.your.organization.",
+                "Qual \u00E9 o nome da sua empresa?"},
+        {"What.is.the.name.of.your.City.or.Locality.",
+                "Qual \u00E9 o nome da sua Cidade ou Localidade?"},
+        {"What.is.the.name.of.your.State.or.Province.",
+                "Qual \u00E9 o nome do seu Estado ou Munic\u00EDpio?"},
+        {"What.is.the.two.letter.country.code.for.this.unit.",
+                "Quais s\u00E3o as duas letras do c\u00F3digo do pa\u00EDs desta unidade?"},
+        {"Is.name.correct.", "{0} Est\u00E1 correto?"},
+        {"no", "n\u00E3o"},
+        {"yes", "sim"},
+        {"y", "s"},
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
+                "O alias <{0}> n\u00E3o tem chave"},
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
+                 "O alias <{0}> faz refer\u00EAncia a um tipo de entrada que n\u00E3o \u00E9 uma entrada de chave privada. O comando -keyclone oferece suporte somente \u00E0 clonagem de entradas de chave privada"},
+
+        {".WARNING.WARNING.WARNING.",
+            "*****************  Advert\u00EAncia Advert\u00EAncia Advert\u00EAncia  *****************"},
+        {"Signer.d.", "Signat\u00E1rio #%d:"},
+        {"Timestamp.", "Timestamp:"},
+        {"Signature.", "Assinatura:"},
+        {"CRLs.", "CRLs:"},
+        {"Certificate.owner.", "Propriet\u00E1rio do certificado: "},
+        {"Not.a.signed.jar.file", "N\u00E3o \u00E9 um arquivo jar assinado"},
+        {"No.certificate.from.the.SSL.server",
+                "N\u00E3o \u00E9 um certificado do servidor SSL"},
+
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
+            "* A integridade das informa\u00E7\u00F5es armazenadas na sua \u00E1rea de armazenamento de chaves  *\n* N\u00C3O foi verificada!  Para que seja poss\u00EDvel verificar sua integridade, *\n* voc\u00EA deve fornecer a senha da \u00E1rea de armazenamento de chaves.                  *"},
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
+            "* A integridade das informa\u00E7\u00F5es armazenadas no srckeystore  *\n* N\u00C3O foi verificada!  Para que seja poss\u00EDvel verificar sua integridade, *\n* voc\u00EA deve fornecer a senha do srckeystore.                  *"},
+
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
+                "A resposta do certificado n\u00E3o cont\u00E9m a chave p\u00FAblica de <{0}>"},
+        {"Incomplete.certificate.chain.in.reply",
+                "Cadeia de certificados incompleta na resposta"},
+        {"Certificate.chain.in.reply.does.not.verify.",
+                "A cadeia de certificados da resposta n\u00E3o verifica: "},
+        {"Top.level.certificate.in.reply.",
+                "Certificado de n\u00EDvel superior na resposta:\n"},
+        {".is.not.trusted.", "... n\u00E3o \u00E9 confi\u00E1vel. "},
+        {"Install.reply.anyway.no.", "Instalar resposta assim mesmo? [n\u00E3o]:  "},
+        {"NO", "N\u00E3o"},
+        {"Public.keys.in.reply.and.keystore.don.t.match",
+                "As chaves p\u00FAblicas da resposta e da \u00E1rea de armazenamento de chaves n\u00E3o correspondem"},
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
+                "O certificado da resposta e o certificado da \u00E1rea de armazenamento de chaves s\u00E3o id\u00EAnticos"},
+        {"Failed.to.establish.chain.from.reply",
+                "Falha ao estabelecer a cadeia a partir da resposta"},
+        {"n", "n"},
+        {"Wrong.answer.try.again", "Resposta errada; tente novamente"},
+        {"Secret.key.not.generated.alias.alias.already.exists",
+                "Chave secreta n\u00E3o gerada; o alias <{0}> j\u00E1 existe"},
+        {"Please.provide.keysize.for.secret.key.generation",
+                "Forne\u00E7a o -keysize para a gera\u00E7\u00E3o da chave secreta"},
+
+        {"Extensions.", "Extens\u00F5es: "},
+        {".Empty.value.", "(Valor vazio)"},
+        {"Extension.Request.", "Solicita\u00E7\u00E3o de Extens\u00E3o:"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
+                "Solicita\u00E7\u00E3o do Certificado PKCS #10 (Vers\u00E3o 1.0)\nAssunto: %s\nChave P\u00FAblica: %s formato %s chave\n"},
+        {"Unknown.keyUsage.type.", "Tipo de keyUsage desconhecido: "},
+        {"Unknown.extendedkeyUsage.type.", "Tipo de extendedkeyUsage desconhecido: "},
+        {"Unknown.AccessDescription.type.", "Tipo de AccessDescription desconhecido: "},
+        {"Unrecognized.GeneralName.type.", "Tipo de GeneralName n\u00E3o reconhecido: "},
+        {"This.extension.cannot.be.marked.as.critical.",
+                 "Esta extens\u00E3o n\u00E3o pode ser marcada como cr\u00EDtica. "},
+        {"Odd.number.of.hex.digits.found.", "Encontrado n\u00FAmero \u00EDmpar de seis d\u00EDgitos: "},
+        {"Unknown.extension.type.", "Tipo de extens\u00E3o desconhecido: "},
+        {"command.{0}.is.ambiguous.", "o comando {0} \u00E9 amb\u00EDguo:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Resources_sv.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,431 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the keytool.
+ *
+ */
+public class Resources_sv extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"STAR",
+                "*******************************************"},
+        {"STARNN",
+                "*******************************************\n\n"},
+
+        // keytool: Help part
+// "Option" should be translated.
+        {".OPTION.", " [Alternativ]..."},
+        {"Options.", "Alternativ:"},
+        {"Use.keytool.help.for.all.available.commands",
+                 "L\u00E4s \"Hj\u00E4lp - Nyckelverktyg\" f\u00F6r alla tillg\u00E4ngliga kommandon"},
+        {"Key.and.Certificate.Management.Tool",
+                 "Hanteringsverktyg f\u00F6r nycklar och certifikat"},
+        {"Commands.", "Kommandon:"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
+                "L\u00E4s \"Hj\u00E4lp - Nyckelverktyg - command_name\" om anv\u00E4ndning av command_name"},
+        // keytool: help: commands
+        {"Generates.a.certificate.request",
+                "Genererar certifikatbeg\u00E4ran"}, //-certreq
+        {"Changes.an.entry.s.alias",
+                "\u00C4ndrar postalias"}, //-changealias
+        {"Deletes.an.entry",
+                "Tar bort post"}, //-delete
+        {"Exports.certificate",
+                "Exporterar certifikat"}, //-exportcert
+        {"Generates.a.key.pair",
+                "Genererar nyckelpar"}, //-genkeypair
+// translation of "secret" key should be different to "private" key.
+        {"Generates.a.secret.key",
+                "Genererar hemlig nyckel"}, //-genseckey
+        {"Generates.certificate.from.a.certificate.request",
+                "Genererar certifikat fr\u00E5n certifikatbeg\u00E4ran"}, //-gencert
+        {"Generates.CRL", "Genererar CRL"}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+                "Importerar poster fr\u00E5n identitetsdatabas i JDK 1.1.x-format"}, //-identitydb
+        {"Imports.a.certificate.or.a.certificate.chain",
+                "Importerar ett certifikat eller en certifikatkedja"}, //-importcert
+        {"Imports.one.or.all.entries.from.another.keystore",
+                "Importerar en eller alla poster fr\u00E5n annat nyckellager"}, //-importkeystore
+        {"Clones.a.key.entry",
+                "Klonar en nyckelpost"}, //-keyclone
+        {"Changes.the.key.password.of.an.entry",
+                "\u00C4ndrar nyckell\u00F6senordet f\u00F6r en post"}, //-keypasswd
+        {"Lists.entries.in.a.keystore",
+                "Visar lista \u00F6ver poster i nyckellager"}, //-list
+        {"Prints.the.content.of.a.certificate",
+                "Skriver ut inneh\u00E5llet i ett certifikat"}, //-printcert
+        {"Prints.the.content.of.a.certificate.request",
+                "Skriver ut inneh\u00E5llet i en certifikatbeg\u00E4ran"}, //-printcertreq
+        {"Prints.the.content.of.a.CRL.file",
+                "Skriver ut inneh\u00E5llet i en CRL-fil"}, //-printcrl
+        {"Generates.a.self.signed.certificate",
+                "Genererar ett sj\u00E4lvsignerat certifikat"}, //-selfcert
+        {"Changes.the.store.password.of.a.keystore",
+                "\u00C4ndrar lagerl\u00F6senordet f\u00F6r ett nyckellager"}, //-storepasswd
+        // keytool: help: options
+        {"alias.name.of.the.entry.to.process",
+                "aliasnamn f\u00F6r post som ska bearbetas"}, //-alias
+        {"destination.alias",
+                "destinationsalias"}, //-destalias
+        {"destination.key.password",
+                "l\u00F6senord f\u00F6r destinationsnyckel"}, //-destkeypass
+        {"destination.keystore.name",
+                "namn p\u00E5 destinationsnyckellager"}, //-destkeystore
+        {"destination.keystore.password.protected",
+                "skyddat l\u00F6senord f\u00F6r destinationsnyckellager"}, //-destprotected
+        {"destination.keystore.provider.name",
+                "leverant\u00F6rsnamn f\u00F6r destinationsnyckellager"}, //-destprovidername
+        {"destination.keystore.password",
+                "l\u00F6senord f\u00F6r destinationsnyckellager"}, //-deststorepass
+        {"destination.keystore.type",
+                "typ av destinationsnyckellager"}, //-deststoretype
+        {"distinguished.name",
+                "unikt namn"}, //-dname
+        {"X.509.extension",
+                "X.509-till\u00E4gg"}, //-ext
+        {"output.file.name",
+                "namn p\u00E5 utdatafil"}, //-file and -outfile
+        {"input.file.name",
+                "namn p\u00E5 indatafil"}, //-file and -infile
+        {"key.algorithm.name",
+                "namn p\u00E5 nyckelalgoritm"}, //-keyalg
+        {"key.password",
+                "nyckell\u00F6senord"}, //-keypass
+        {"key.bit.size",
+                "nyckelbitstorlek"}, //-keysize
+        {"keystore.name",
+                "namn p\u00E5 nyckellager"}, //-keystore
+        {"new.password",
+                "nytt l\u00F6senord"}, //-new
+        {"do.not.prompt",
+                "fr\u00E5ga inte"}, //-noprompt
+        {"password.through.protected.mechanism",
+                "l\u00F6senord med skyddad mekanism"}, //-protected
+        {"provider.argument",
+                "leverant\u00F6rsargument"}, //-providerarg
+        {"provider.class.name",
+                "namn p\u00E5 leverant\u00F6rsklass"}, //-providerclass
+        {"provider.name",
+                "leverant\u00F6rsnamn"}, //-providername
+        {"provider.classpath",
+                "leverant\u00F6rsklass\u00F6kv\u00E4g"}, //-providerpath
+        {"output.in.RFC.style",
+                "utdata i RFC-format"}, //-rfc
+        {"signature.algorithm.name",
+                "namn p\u00E5 signaturalgoritm"}, //-sigalg
+        {"source.alias",
+                "k\u00E4llalias"}, //-srcalias
+        {"source.key.password",
+                "l\u00F6senord f\u00F6r k\u00E4llnyckel"}, //-srckeypass
+        {"source.keystore.name",
+                "namn p\u00E5 k\u00E4llnyckellager"}, //-srckeystore
+        {"source.keystore.password.protected",
+                "skyddat l\u00F6senord f\u00F6r k\u00E4llnyckellager"}, //-srcprotected
+        {"source.keystore.provider.name",
+                "leverant\u00F6rsnamn f\u00F6r k\u00E4llnyckellager"}, //-srcprovidername
+        {"source.keystore.password",
+                "l\u00F6senord f\u00F6r k\u00E4llnyckellager"}, //-srcstorepass
+        {"source.keystore.type",
+                "typ av k\u00E4llnyckellager"}, //-srcstoretype
+        {"SSL.server.host.and.port",
+                "SSL-serverv\u00E4rd och -port"}, //-sslserver
+        {"signed.jar.file",
+                "signerad jar-fil"}, //=jarfile
+        {"certificate.validity.start.date.time",
+                "startdatum/-tid f\u00F6r certifikatets giltighet"}, //-startdate
+        {"keystore.password",
+                "l\u00F6senord f\u00F6r nyckellager"}, //-storepass
+        {"keystore.type",
+                "nyckellagertyp"}, //-storetype
+        {"trust.certificates.from.cacerts",
+                "tillf\u00F6rlitliga certifikat fr\u00E5n cacerts"}, //-trustcacerts
+        {"verbose.output",
+                "utf\u00F6rliga utdata"}, //-v
+        {"validity.number.of.days",
+                "antal dagar f\u00F6r giltighet"}, //-validity
+        {"Serial.ID.of.cert.to.revoke",
+                 "Seriellt ID f\u00F6r certifikat som ska \u00E5terkallas"}, //-id
+        // keytool: Running part
+        {"keytool.error.", "nyckelverktygsfel: "},
+        {"Illegal.option.", "Otill\u00E5tet alternativ:  "},
+        {"Illegal.value.", "Otill\u00E5tet v\u00E4rde: "},
+        {"Unknown.password.type.", "Ok\u00E4nd l\u00F6senordstyp: "},
+        {"Cannot.find.environment.variable.",
+                "Kan inte hitta milj\u00F6variabel: "},
+        {"Cannot.find.file.", "Hittar inte fil: "},
+        {"Command.option.flag.needs.an.argument.", "Kommandoalternativet {0} beh\u00F6ver ett argument."},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
+                "Varning!  PKCS12-nyckellager har inte st\u00F6d f\u00F6r olika l\u00F6senord f\u00F6r lagret och nyckeln. Det anv\u00E4ndarspecificerade {0}-v\u00E4rdet ignoreras."},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "-keystore m\u00E5ste vara NONE om -storetype \u00E4r {0}"},
+        {"Too.many.retries.program.terminated",
+                 "F\u00F6r m\u00E5nga f\u00F6rs\u00F6k. Programmet avslutas"},
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
+                "-storepasswd- och -keypasswd-kommandon st\u00F6ds inte om -storetype \u00E4r {0}"},
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
+                "-keypasswd-kommandon st\u00F6ds inte om -storetype \u00E4r PKCS12"},
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
+                "-keypass och -new kan inte anges om -storetype \u00E4r {0}"},
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
+                "om -protected har angetts f\u00E5r inte -storepass, -keypass och -new anges"},
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "om -srcprotected anges f\u00E5r -srcstorepass och -srckeypass inte anges"},
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
+                "om nyckellagret inte \u00E4r l\u00F6senordsskyddat f\u00E5r -storepass, -keypass och -new inte anges"},
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "om k\u00E4llnyckellagret inte \u00E4r l\u00F6senordsskyddat f\u00E5r -srcstorepass och -srckeypass inte anges"},
+        {"Illegal.startdate.value", "Otill\u00E5tet v\u00E4rde f\u00F6r startdatum"},
+        {"Validity.must.be.greater.than.zero",
+                "Giltigheten m\u00E5ste vara st\u00F6rre \u00E4n noll"},
+        {"provName.not.a.provider", "{0} \u00E4r inte en leverant\u00F6r"},
+        {"Usage.error.no.command.provided", "Syntaxfel: inget kommando angivet"},
+        {"Source.keystore.file.exists.but.is.empty.", "Nyckellagrets k\u00E4llfil finns, men \u00E4r tom: "},
+        {"Please.specify.srckeystore", "Ange -srckeystore"},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
+                "Kan inte specificera b\u00E5de -v och -rfc med 'list'-kommandot"},
+        {"Key.password.must.be.at.least.6.characters",
+                "Nyckell\u00F6senordet m\u00E5ste inneh\u00E5lla minst 6 tecken"},
+        {"New.password.must.be.at.least.6.characters",
+                "Det nya l\u00F6senordet m\u00E5ste inneh\u00E5lla minst 6 tecken"},
+        {"Keystore.file.exists.but.is.empty.",
+                "Nyckellagerfilen finns, men \u00E4r tom: "},
+        {"Keystore.file.does.not.exist.",
+                "Nyckellagerfilen finns inte: "},
+        {"Must.specify.destination.alias", "Du m\u00E5ste ange destinationsalias"},
+        {"Must.specify.alias", "Du m\u00E5ste ange alias"},
+        {"Keystore.password.must.be.at.least.6.characters",
+                "Nyckellagerl\u00F6senordet m\u00E5ste inneh\u00E5lla minst 6 tecken"},
+        {"Enter.keystore.password.", "Ange nyckellagerl\u00F6senord:  "},
+        {"Enter.source.keystore.password.", "Ange l\u00F6senord f\u00F6r k\u00E4llnyckellagret:  "},
+        {"Enter.destination.keystore.password.", "Ange nyckellagerl\u00F6senord f\u00F6r destination:  "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
+         "Nyckellagerl\u00F6senordet \u00E4r f\u00F6r kort - det m\u00E5ste inneh\u00E5lla minst 6 tecken"},
+        {"Unknown.Entry.Type", "Ok\u00E4nd posttyp"},
+        {"Too.many.failures.Alias.not.changed", "F\u00F6r m\u00E5nga fel. Alias har inte \u00E4ndrats"},
+        {"Entry.for.alias.alias.successfully.imported.",
+                 "Posten f\u00F6r alias {0} har importerats."},
+        {"Entry.for.alias.alias.not.imported.", "Posten f\u00F6r alias {0} har inte importerats."},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
+                 "Ett problem uppstod vid importen av posten f\u00F6r alias {0}: {1}.\nPosten {0} har inte importerats."},
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
+                 "Kommandoimporten slutf\u00F6rd: {0} poster har importerats, {1} poster var felaktiga eller annullerades"},
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
+                 "Varning! Det befintliga aliaset {0} i destinationsnyckellagret skrivs \u00F6ver"},
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
+                 "Aliaset {0} finns redan. Vill du skriva \u00F6ver det? [nej]:  "},
+        {"Too.many.failures.try.later", "F\u00F6r m\u00E5nga fel - f\u00F6rs\u00F6k igen senare"},
+        {"Certification.request.stored.in.file.filename.",
+                "Certifikatbeg\u00E4ran har lagrats i filen <{0}>"},
+        {"Submit.this.to.your.CA", "Skicka detta till certifikatutf\u00E4rdaren"},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
+            "om n\u00E5got alias inte anges f\u00E5r destalias, srckeypass och destkeypass inte anges"},
+        {"Certificate.stored.in.file.filename.",
+                "Certifikatet har lagrats i filen <{0}>"},
+        {"Certificate.reply.was.installed.in.keystore",
+                "Certifikatsvaret har installerats i nyckellagret"},
+        {"Certificate.reply.was.not.installed.in.keystore",
+                "Certifikatsvaret har inte installerats i nyckellagret"},
+        {"Certificate.was.added.to.keystore",
+                "Certifikatet har lagts till i nyckellagret"},
+        {"Certificate.was.not.added.to.keystore",
+                "Certifikatet har inte lagts till i nyckellagret"},
+        {".Storing.ksfname.", "[Lagrar {0}]"},
+        {"alias.has.no.public.key.certificate.",
+                "{0} saknar offentlig nyckel (certifikat)"},
+        {"Cannot.derive.signature.algorithm",
+                "Kan inte h\u00E4rleda signaturalgoritm"},
+        {"Alias.alias.does.not.exist",
+                "Aliaset <{0}> finns inte"},
+        {"Alias.alias.has.no.certificate",
+                "Aliaset <{0}> saknar certifikat"},
+        {"Key.pair.not.generated.alias.alias.already.exists",
+                "Nyckelparet genererades inte. Aliaset <{0}> finns redan"},
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
+                "Genererar {0} bitars {1}-nyckelpar och sj\u00E4lvsignerat certifikat ({2}) med en giltighet p\u00E5 {3} dagar\n\tf\u00F6r: {4}"},
+        {"Enter.key.password.for.alias.", "Ange nyckell\u00F6senord f\u00F6r <{0}>"},
+        {".RETURN.if.same.as.keystore.password.",
+                "\t(RETURN om det \u00E4r identiskt med nyckellagerl\u00F6senordet):  "},
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
+                "Nyckell\u00F6senordet \u00E4r f\u00F6r kort - det m\u00E5ste inneh\u00E5lla minst 6 tecken"},
+        {"Too.many.failures.key.not.added.to.keystore",
+                "F\u00F6r m\u00E5nga fel - nyckeln lades inte till i nyckellagret"},
+        {"Destination.alias.dest.already.exists",
+                "Destinationsaliaset <{0}> finns redan"},
+        {"Password.is.too.short.must.be.at.least.6.characters",
+                "L\u00F6senordet \u00E4r f\u00F6r kort - det m\u00E5ste inneh\u00E5lla minst 6 tecken"},
+        {"Too.many.failures.Key.entry.not.cloned",
+                "F\u00F6r m\u00E5nga fel. Nyckelposten har inte klonats"},
+        {"key.password.for.alias.", "nyckell\u00F6senord f\u00F6r <{0}>"},
+        {"Keystore.entry.for.id.getName.already.exists",
+                "Nyckellagerpost f\u00F6r <{0}> finns redan"},
+        {"Creating.keystore.entry.for.id.getName.",
+                "Skapar nyckellagerpost f\u00F6r <{0}> ..."},
+        {"No.entries.from.identity.database.added",
+                "Inga poster fr\u00E5n identitetsdatabasen har lagts till"},
+        {"Alias.name.alias", "Aliasnamn: {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
+                "Skapat den: {0,date}"},
+        {"alias.keyStore.getCreationDate.alias.",
+                "{0}, {1,date}, "},
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "Posttyp: {0}"},
+        {"Certificate.chain.length.", "L\u00E4ngd p\u00E5 certifikatskedja: "},
+        {"Certificate.i.1.", "Certifikat[{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "Certifikatets fingeravtryck (SHA1): "},
+        {"Keystore.type.", "Nyckellagertyp: "},
+        {"Keystore.provider.", "Nyckellagerleverant\u00F6r: "},
+        {"Your.keystore.contains.keyStore.size.entry",
+                "Nyckellagret inneh\u00E5ller {0,number,integer} post"},
+        {"Your.keystore.contains.keyStore.size.entries",
+                "Nyckellagret inneh\u00E5ller {0,number,integer} poster"},
+        {"Failed.to.parse.input", "Kunde inte tolka indata"},
+        {"Empty.input", "Inga indata"},
+        {"Not.X.509.certificate", "Inte ett X.509-certifikat"},
+        {"alias.has.no.public.key", "{0} saknar offentlig nyckel"},
+        {"alias.has.no.X.509.certificate", "{0} saknar X.509-certifikat"},
+        {"New.certificate.self.signed.", "Nytt certifikat (sj\u00E4lvsignerat):"},
+        {"Reply.has.no.certificates", "Svaret saknar certifikat"},
+        {"Certificate.not.imported.alias.alias.already.exists",
+                "Certifikatet importerades inte. Aliaset <{0}> finns redan"},
+        {"Input.not.an.X.509.certificate", "Indata \u00E4r inte ett X.509-certifikat"},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
+                "Certifikatet finns redan i nyckellagerfilen under aliaset <{0}>"},
+        {"Do.you.still.want.to.add.it.no.",
+                "Vill du fortfarande l\u00E4gga till det? [nej]:  "},
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
+                "Certifikatet finns redan i den systemomsp\u00E4nnande CA-nyckellagerfilen under aliaset <{0}>"},
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
+                "Vill du fortfarande l\u00E4gga till det i ditt eget nyckellagret? [nej]:  "},
+        {"Trust.this.certificate.no.", "Litar du p\u00E5 det h\u00E4r certifikatet? [nej]:  "},
+        {"YES", "Ja"},
+        {"New.prompt.", "Nytt {0}: "},
+        {"Passwords.must.differ", "L\u00F6senorden m\u00E5ste vara olika"},
+        {"Re.enter.new.prompt.", "Ange nytt {0} igen: "},
+        {"Re.enter.new.password.", "Ange det nya l\u00F6senordet igen: "},
+        {"They.don.t.match.Try.again", "De matchar inte. F\u00F6rs\u00F6k igen"},
+        {"Enter.prompt.alias.name.", "Ange aliasnamn f\u00F6r {0}:  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
+                 "Ange ett nytt aliasnamn\t(skriv RETURN f\u00F6r att avbryta importen av denna post):  "},
+        {"Enter.alias.name.", "Ange aliasnamn:  "},
+        {".RETURN.if.same.as.for.otherAlias.",
+                "\t(RETURN om det \u00E4r det samma som f\u00F6r <{0}>)"},
+        {".PATTERN.printX509Cert",
+                "\u00C4gare: {0}\nUtf\u00E4rdare: {1}\nSerienummer: {2}\nGiltigt fr\u00E5n den: {3} till: {4}\nCertifikatets fingeravtryck:\n\t MD5: {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Namn p\u00E5 signaturalgoritm: {8}\n\t Version: {9}"},
+        {"What.is.your.first.and.last.name.",
+                "Vad heter du i f\u00F6r- och efternamn?"},
+        {"What.is.the.name.of.your.organizational.unit.",
+                "Vad heter din avdelning inom organisationen?"},
+        {"What.is.the.name.of.your.organization.",
+                "Vad heter din organisation?"},
+        {"What.is.the.name.of.your.City.or.Locality.",
+                "Vad heter din ort eller plats?"},
+        {"What.is.the.name.of.your.State.or.Province.",
+                "Vad heter ditt land eller din provins?"},
+        {"What.is.the.two.letter.country.code.for.this.unit.",
+                "Vilken \u00E4r den tv\u00E5st\u00E4lliga landskoden?"},
+        {"Is.name.correct.", "\u00C4r {0} korrekt?"},
+        {"no", "nej"},
+        {"yes", "ja"},
+        {"y", "j"},
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
+                "Aliaset <{0}> saknar nyckel"},
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
+                 "Aliaset <{0}> refererar till en posttyp som inte \u00E4r n\u00E5gon privat nyckelpost. Kommandot -keyclone har endast st\u00F6d f\u00F6r kloning av privata nyckelposter"},
+
+        {".WARNING.WARNING.WARNING.",
+            "*****************  Varning Varning Varning  *****************"},
+        {"Signer.d.", "Signerare #%d:"},
+        {"Timestamp.", "Tidsst\u00E4mpel:"},
+        {"Signature.", "Underskrift:"},
+        {"CRLs.", "CRL:er:"},
+        {"Certificate.owner.", "Certifikat\u00E4gare: "},
+        {"Not.a.signed.jar.file", "Ingen signerad jar-fil"},
+        {"No.certificate.from.the.SSL.server",
+                "Inget certifikat fr\u00E5n SSL-servern"},
+
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
+            "* Integriteten f\u00F6r den information som lagras i nyckellagerfilen  *\n* har INTE verifierats!  Om du vill verifiera dess integritet *\n* m\u00E5ste du ange l\u00F6senordet f\u00F6r nyckellagret.                  *"},
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
+            "* Integriteten f\u00F6r den information som lagras i srckeystore*\n* har INTE verifierats!  Om du vill verifiera dess integritet *\n* m\u00E5ste du ange l\u00F6senordet f\u00F6r srckeystore.                *"},
+
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
+                "Certifikatsvaret inneh\u00E5ller inte n\u00E5gon offentlig nyckel f\u00F6r <{0}>"},
+        {"Incomplete.certificate.chain.in.reply",
+                "Ofullst\u00E4ndig certifikatskedja i svaret"},
+        {"Certificate.chain.in.reply.does.not.verify.",
+                "Certifikatskedjan i svaret g\u00E5r inte att verifiera: "},
+        {"Top.level.certificate.in.reply.",
+                "Toppniv\u00E5certifikatet i svaret:\n"},
+        {".is.not.trusted.", "... \u00E4r inte betrott. "},
+        {"Install.reply.anyway.no.", "Vill du installera svaret \u00E4nd\u00E5? [nej]:  "},
+        {"NO", "Nej"},
+        {"Public.keys.in.reply.and.keystore.don.t.match",
+                "De offentliga nycklarna i svaret och nyckellagret matchar inte varandra"},
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
+                "Certifikatsvaret och certifikatet i nyckellagret \u00E4r identiska"},
+        {"Failed.to.establish.chain.from.reply",
+                "Kunde inte uppr\u00E4tta kedja fr\u00E5n svaret"},
+        {"n", "n"},
+        {"Wrong.answer.try.again", "Fel svar. F\u00F6rs\u00F6k p\u00E5 nytt."},
+        {"Secret.key.not.generated.alias.alias.already.exists",
+                "Den hemliga nyckeln har inte genererats eftersom aliaset <{0}> redan finns"},
+        {"Please.provide.keysize.for.secret.key.generation",
+                "Ange -keysize f\u00F6r att skapa hemlig nyckel"},
+
+        {"Extensions.", "Till\u00E4gg: "},
+        {".Empty.value.", "(Tomt v\u00E4rde)"},
+        {"Extension.Request.", "Till\u00E4ggsbeg\u00E4ran:"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
+                "PKCS #10 certifikatbeg\u00E4ran (version 1.0)\n\u00C4mne: %s\nAllm\u00E4n nyckel: %s-format %s-nyckel\n"},
+        {"Unknown.keyUsage.type.", "Ok\u00E4nd keyUsage-typ: "},
+        {"Unknown.extendedkeyUsage.type.", "Ok\u00E4nd extendedkeyUsage-typ: "},
+        {"Unknown.AccessDescription.type.", "Ok\u00E4nd AccessDescription-typ: "},
+        {"Unrecognized.GeneralName.type.", "Ok\u00E4nd GeneralName-typ: "},
+        {"This.extension.cannot.be.marked.as.critical.",
+                 "Detta till\u00E4gg kan inte markeras som kritiskt. "},
+        {"Odd.number.of.hex.digits.found.", "Udda antal hex-siffror p\u00E5tr\u00E4ffades: "},
+        {"Unknown.extension.type.", "Ok\u00E4nd till\u00E4ggstyp: "},
+        {"command.{0}.is.ambiguous.", "kommandot {0} \u00E4r tvetydigt:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Resources_zh_CN.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,431 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the keytool.
+ *
+ */
+public class Resources_zh_CN extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"STAR",
+                "*******************************************"},
+        {"STARNN",
+                "*******************************************\n\n"},
+
+        // keytool: Help part
+// "Option" should be translated.
+        {".OPTION.", " [\u9009\u9879]..."},
+        {"Options.", "\u9009\u9879:"},
+        {"Use.keytool.help.for.all.available.commands",
+                 "\u4F7F\u7528 \"keytool -help\" \u83B7\u53D6\u6240\u6709\u53EF\u7528\u547D\u4EE4"},
+        {"Key.and.Certificate.Management.Tool",
+                 "\u5BC6\u94A5\u548C\u8BC1\u4E66\u7BA1\u7406\u5DE5\u5177"},
+        {"Commands.", "\u547D\u4EE4:"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
+                "\u4F7F\u7528 \"keytool -command_name -help\" \u83B7\u53D6 command_name \u7684\u7528\u6CD5"},
+        // keytool: help: commands
+        {"Generates.a.certificate.request",
+                "\u751F\u6210\u8BC1\u4E66\u8BF7\u6C42"}, //-certreq
+        {"Changes.an.entry.s.alias",
+                "\u66F4\u6539\u6761\u76EE\u7684\u522B\u540D"}, //-changealias
+        {"Deletes.an.entry",
+                "\u5220\u9664\u6761\u76EE"}, //-delete
+        {"Exports.certificate",
+                "\u5BFC\u51FA\u8BC1\u4E66"}, //-exportcert
+        {"Generates.a.key.pair",
+                "\u751F\u6210\u5BC6\u94A5\u5BF9"}, //-genkeypair
+// translation of "secret" key should be different to "private" key.
+        {"Generates.a.secret.key",
+                "\u751F\u6210\u5BF9\u79F0\u5BC6\u94A5"}, //-genseckey
+        {"Generates.certificate.from.a.certificate.request",
+                "\u6839\u636E\u8BC1\u4E66\u8BF7\u6C42\u751F\u6210\u8BC1\u4E66"}, //-gencert
+        {"Generates.CRL", "\u751F\u6210 CRL"}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+                "\u4ECE JDK 1.1.x \u6837\u5F0F\u7684\u8EAB\u4EFD\u6570\u636E\u5E93\u5BFC\u5165\u6761\u76EE"}, //-identitydb
+        {"Imports.a.certificate.or.a.certificate.chain",
+                "\u5BFC\u5165\u8BC1\u4E66\u6216\u8BC1\u4E66\u94FE"}, //-importcert
+        {"Imports.one.or.all.entries.from.another.keystore",
+                "\u4ECE\u5176\u4ED6\u5BC6\u94A5\u5E93\u5BFC\u5165\u4E00\u4E2A\u6216\u6240\u6709\u6761\u76EE"}, //-importkeystore
+        {"Clones.a.key.entry",
+                "\u514B\u9686\u5BC6\u94A5\u6761\u76EE"}, //-keyclone
+        {"Changes.the.key.password.of.an.entry",
+                "\u66F4\u6539\u6761\u76EE\u7684\u5BC6\u94A5\u53E3\u4EE4"}, //-keypasswd
+        {"Lists.entries.in.a.keystore",
+                "\u5217\u51FA\u5BC6\u94A5\u5E93\u4E2D\u7684\u6761\u76EE"}, //-list
+        {"Prints.the.content.of.a.certificate",
+                "\u6253\u5370\u8BC1\u4E66\u5185\u5BB9"}, //-printcert
+        {"Prints.the.content.of.a.certificate.request",
+                "\u6253\u5370\u8BC1\u4E66\u8BF7\u6C42\u7684\u5185\u5BB9"}, //-printcertreq
+        {"Prints.the.content.of.a.CRL.file",
+                "\u6253\u5370 CRL \u6587\u4EF6\u7684\u5185\u5BB9"}, //-printcrl
+        {"Generates.a.self.signed.certificate",
+                "\u751F\u6210\u81EA\u7B7E\u540D\u8BC1\u4E66"}, //-selfcert
+        {"Changes.the.store.password.of.a.keystore",
+                "\u66F4\u6539\u5BC6\u94A5\u5E93\u7684\u5B58\u50A8\u53E3\u4EE4"}, //-storepasswd
+        // keytool: help: options
+        {"alias.name.of.the.entry.to.process",
+                "\u8981\u5904\u7406\u7684\u6761\u76EE\u7684\u522B\u540D"}, //-alias
+        {"destination.alias",
+                "\u76EE\u6807\u522B\u540D"}, //-destalias
+        {"destination.key.password",
+                "\u76EE\u6807\u5BC6\u94A5\u53E3\u4EE4"}, //-destkeypass
+        {"destination.keystore.name",
+                "\u76EE\u6807\u5BC6\u94A5\u5E93\u540D\u79F0"}, //-destkeystore
+        {"destination.keystore.password.protected",
+                "\u53D7\u4FDD\u62A4\u7684\u76EE\u6807\u5BC6\u94A5\u5E93\u53E3\u4EE4"}, //-destprotected
+        {"destination.keystore.provider.name",
+                "\u76EE\u6807\u5BC6\u94A5\u5E93\u63D0\u4F9B\u65B9\u540D\u79F0"}, //-destprovidername
+        {"destination.keystore.password",
+                "\u76EE\u6807\u5BC6\u94A5\u5E93\u53E3\u4EE4"}, //-deststorepass
+        {"destination.keystore.type",
+                "\u76EE\u6807\u5BC6\u94A5\u5E93\u7C7B\u578B"}, //-deststoretype
+        {"distinguished.name",
+                "\u552F\u4E00\u5224\u522B\u540D"}, //-dname
+        {"X.509.extension",
+                "X.509 \u6269\u5C55"}, //-ext
+        {"output.file.name",
+                "\u8F93\u51FA\u6587\u4EF6\u540D"}, //-file and -outfile
+        {"input.file.name",
+                "\u8F93\u5165\u6587\u4EF6\u540D"}, //-file and -infile
+        {"key.algorithm.name",
+                "\u5BC6\u94A5\u7B97\u6CD5\u540D\u79F0"}, //-keyalg
+        {"key.password",
+                "\u5BC6\u94A5\u53E3\u4EE4"}, //-keypass
+        {"key.bit.size",
+                "\u5BC6\u94A5\u4F4D\u5927\u5C0F"}, //-keysize
+        {"keystore.name",
+                "\u5BC6\u94A5\u5E93\u540D\u79F0"}, //-keystore
+        {"new.password",
+                "\u65B0\u53E3\u4EE4"}, //-new
+        {"do.not.prompt",
+                "\u4E0D\u63D0\u793A"}, //-noprompt
+        {"password.through.protected.mechanism",
+                "\u901A\u8FC7\u53D7\u4FDD\u62A4\u7684\u673A\u5236\u7684\u53E3\u4EE4"}, //-protected
+        {"provider.argument",
+                "\u63D0\u4F9B\u65B9\u53C2\u6570"}, //-providerarg
+        {"provider.class.name",
+                "\u63D0\u4F9B\u65B9\u7C7B\u540D"}, //-providerclass
+        {"provider.name",
+                "\u63D0\u4F9B\u65B9\u540D\u79F0"}, //-providername
+        {"provider.classpath",
+                "\u63D0\u4F9B\u65B9\u7C7B\u8DEF\u5F84"}, //-providerpath
+        {"output.in.RFC.style",
+                "\u4EE5 RFC \u6837\u5F0F\u8F93\u51FA"}, //-rfc
+        {"signature.algorithm.name",
+                "\u7B7E\u540D\u7B97\u6CD5\u540D\u79F0"}, //-sigalg
+        {"source.alias",
+                "\u6E90\u522B\u540D"}, //-srcalias
+        {"source.key.password",
+                "\u6E90\u5BC6\u94A5\u53E3\u4EE4"}, //-srckeypass
+        {"source.keystore.name",
+                "\u6E90\u5BC6\u94A5\u5E93\u540D\u79F0"}, //-srckeystore
+        {"source.keystore.password.protected",
+                "\u53D7\u4FDD\u62A4\u7684\u6E90\u5BC6\u94A5\u5E93\u53E3\u4EE4"}, //-srcprotected
+        {"source.keystore.provider.name",
+                "\u6E90\u5BC6\u94A5\u5E93\u63D0\u4F9B\u65B9\u540D\u79F0"}, //-srcprovidername
+        {"source.keystore.password",
+                "\u6E90\u5BC6\u94A5\u5E93\u53E3\u4EE4"}, //-srcstorepass
+        {"source.keystore.type",
+                "\u6E90\u5BC6\u94A5\u5E93\u7C7B\u578B"}, //-srcstoretype
+        {"SSL.server.host.and.port",
+                "SSL \u670D\u52A1\u5668\u4E3B\u673A\u548C\u7AEF\u53E3"}, //-sslserver
+        {"signed.jar.file",
+                "\u5DF2\u7B7E\u540D\u7684 jar \u6587\u4EF6"}, //=jarfile
+        {"certificate.validity.start.date.time",
+                "\u8BC1\u4E66\u6709\u6548\u671F\u5F00\u59CB\u65E5\u671F/\u65F6\u95F4"}, //-startdate
+        {"keystore.password",
+                "\u5BC6\u94A5\u5E93\u53E3\u4EE4"}, //-storepass
+        {"keystore.type",
+                "\u5BC6\u94A5\u5E93\u7C7B\u578B"}, //-storetype
+        {"trust.certificates.from.cacerts",
+                "\u4FE1\u4EFB\u6765\u81EA cacerts \u7684\u8BC1\u4E66"}, //-trustcacerts
+        {"verbose.output",
+                "\u8BE6\u7EC6\u8F93\u51FA"}, //-v
+        {"validity.number.of.days",
+                "\u6709\u6548\u5929\u6570"}, //-validity
+        {"Serial.ID.of.cert.to.revoke",
+                 "\u8981\u64A4\u9500\u7684\u8BC1\u4E66\u7684\u5E8F\u5217 ID"}, //-id
+        // keytool: Running part
+        {"keytool.error.", "keytool \u9519\u8BEF: "},
+        {"Illegal.option.", "\u975E\u6CD5\u9009\u9879:  "},
+        {"Illegal.value.", "\u975E\u6CD5\u503C: "},
+        {"Unknown.password.type.", "\u672A\u77E5\u53E3\u4EE4\u7C7B\u578B: "},
+        {"Cannot.find.environment.variable.",
+                "\u627E\u4E0D\u5230\u73AF\u5883\u53D8\u91CF: "},
+        {"Cannot.find.file.", "\u627E\u4E0D\u5230\u6587\u4EF6: "},
+        {"Command.option.flag.needs.an.argument.", "\u547D\u4EE4\u9009\u9879{0}\u9700\u8981\u4E00\u4E2A\u53C2\u6570\u3002"},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
+                "\u8B66\u544A: PKCS12 KeyStore \u4E0D\u652F\u6301\u5176\u4ED6\u5B58\u50A8\u548C\u5BC6\u94A5\u53E3\u4EE4\u3002\u6B63\u5728\u5FFD\u7565\u7528\u6237\u6307\u5B9A\u7684{0}\u503C\u3002"},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "\u5982\u679C -storetype \u4E3A {0}, \u5219 -keystore \u5FC5\u987B\u4E3A NONE"},
+        {"Too.many.retries.program.terminated",
+                 "\u91CD\u8BD5\u6B21\u6570\u8FC7\u591A, \u7A0B\u5E8F\u5DF2\u7EC8\u6B62"},
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
+                "\u5982\u679C -storetype \u4E3A {0}, \u5219\u4E0D\u652F\u6301 -storepasswd \u548C -keypasswd \u547D\u4EE4"},
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
+                "\u5982\u679C -storetype \u4E3A PKCS12, \u5219\u4E0D\u652F\u6301 -keypasswd \u547D\u4EE4"},
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
+                "\u5982\u679C -storetype \u4E3A {0}, \u5219\u4E0D\u80FD\u6307\u5B9A -keypass \u548C -new"},
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
+                "\u5982\u679C\u6307\u5B9A\u4E86 -protected, \u5219\u4E0D\u80FD\u6307\u5B9A -storepass, -keypass \u548C -new"},
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "\u5982\u679C\u6307\u5B9A\u4E86 -srcprotected, \u5219\u4E0D\u80FD\u6307\u5B9A -srcstorepass \u548C -srckeypass"},
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
+                "\u5982\u679C\u5BC6\u94A5\u5E93\u672A\u53D7\u53E3\u4EE4\u4FDD\u62A4, \u5219\u4E0D\u80FD\u6307\u5B9A -storepass, -keypass \u548C -new"},
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "\u5982\u679C\u6E90\u5BC6\u94A5\u5E93\u672A\u53D7\u53E3\u4EE4\u4FDD\u62A4, \u5219\u4E0D\u80FD\u6307\u5B9A -srcstorepass \u548C -srckeypass"},
+        {"Illegal.startdate.value", "\u975E\u6CD5\u5F00\u59CB\u65E5\u671F\u503C"},
+        {"Validity.must.be.greater.than.zero",
+                "\u6709\u6548\u671F\u5FC5\u987B\u5927\u4E8E\u96F6"},
+        {"provName.not.a.provider", "{0}\u4E0D\u662F\u63D0\u4F9B\u65B9"},
+        {"Usage.error.no.command.provided", "\u7528\u6CD5\u9519\u8BEF: \u6CA1\u6709\u63D0\u4F9B\u547D\u4EE4"},
+        {"Source.keystore.file.exists.but.is.empty.", "\u6E90\u5BC6\u94A5\u5E93\u6587\u4EF6\u5B58\u5728, \u4F46\u4E3A\u7A7A: "},
+        {"Please.specify.srckeystore", "\u8BF7\u6307\u5B9A -srckeystore"},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
+                "'list' \u547D\u4EE4\u4E0D\u80FD\u540C\u65F6\u6307\u5B9A -v \u53CA -rfc"},
+        {"Key.password.must.be.at.least.6.characters",
+                "\u5BC6\u94A5\u53E3\u4EE4\u81F3\u5C11\u5FC5\u987B\u4E3A 6 \u4E2A\u5B57\u7B26"},
+        {"New.password.must.be.at.least.6.characters",
+                "\u65B0\u53E3\u4EE4\u81F3\u5C11\u5FC5\u987B\u4E3A 6 \u4E2A\u5B57\u7B26"},
+        {"Keystore.file.exists.but.is.empty.",
+                "\u5BC6\u94A5\u5E93\u6587\u4EF6\u5B58\u5728, \u4F46\u4E3A\u7A7A: "},
+        {"Keystore.file.does.not.exist.",
+                "\u5BC6\u94A5\u5E93\u6587\u4EF6\u4E0D\u5B58\u5728: "},
+        {"Must.specify.destination.alias", "\u5FC5\u987B\u6307\u5B9A\u76EE\u6807\u522B\u540D"},
+        {"Must.specify.alias", "\u5FC5\u987B\u6307\u5B9A\u522B\u540D"},
+        {"Keystore.password.must.be.at.least.6.characters",
+                "\u5BC6\u94A5\u5E93\u53E3\u4EE4\u81F3\u5C11\u5FC5\u987B\u4E3A 6 \u4E2A\u5B57\u7B26"},
+        {"Enter.keystore.password.", "\u8F93\u5165\u5BC6\u94A5\u5E93\u53E3\u4EE4:  "},
+        {"Enter.source.keystore.password.", "\u8F93\u5165\u6E90\u5BC6\u94A5\u5E93\u53E3\u4EE4:  "},
+        {"Enter.destination.keystore.password.", "\u8F93\u5165\u76EE\u6807\u5BC6\u94A5\u5E93\u53E3\u4EE4:  "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
+         "\u5BC6\u94A5\u5E93\u53E3\u4EE4\u592A\u77ED - \u81F3\u5C11\u5FC5\u987B\u4E3A 6 \u4E2A\u5B57\u7B26"},
+        {"Unknown.Entry.Type", "\u672A\u77E5\u6761\u76EE\u7C7B\u578B"},
+        {"Too.many.failures.Alias.not.changed", "\u6545\u969C\u592A\u591A\u3002\u672A\u66F4\u6539\u522B\u540D"},
+        {"Entry.for.alias.alias.successfully.imported.",
+                 "\u5DF2\u6210\u529F\u5BFC\u5165\u522B\u540D {0} \u7684\u6761\u76EE\u3002"},
+        {"Entry.for.alias.alias.not.imported.", "\u672A\u5BFC\u5165\u522B\u540D {0} \u7684\u6761\u76EE\u3002"},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
+                 "\u5BFC\u5165\u522B\u540D {0} \u7684\u6761\u76EE\u65F6\u51FA\u73B0\u95EE\u9898: {1}\u3002\n\u672A\u5BFC\u5165\u522B\u540D {0} \u7684\u6761\u76EE\u3002"},
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
+                 "\u5DF2\u5B8C\u6210\u5BFC\u5165\u547D\u4EE4: {0} \u4E2A\u6761\u76EE\u6210\u529F\u5BFC\u5165, {1} \u4E2A\u6761\u76EE\u5931\u8D25\u6216\u53D6\u6D88"},
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
+                 "\u8B66\u544A: \u6B63\u5728\u8986\u76D6\u76EE\u6807\u5BC6\u94A5\u5E93\u4E2D\u7684\u73B0\u6709\u522B\u540D {0}"},
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
+                 "\u5B58\u5728\u73B0\u6709\u6761\u76EE\u522B\u540D {0}, \u662F\u5426\u8986\u76D6? [no]:  "},
+        {"Too.many.failures.try.later", "\u6545\u969C\u592A\u591A - \u8BF7\u7A0D\u540E\u518D\u8BD5"},
+        {"Certification.request.stored.in.file.filename.",
+                "\u5B58\u50A8\u5728\u6587\u4EF6 <{0}> \u4E2D\u7684\u8BA4\u8BC1\u8BF7\u6C42"},
+        {"Submit.this.to.your.CA", "\u5C06\u6B64\u63D0\u4EA4\u7ED9\u60A8\u7684 CA"},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
+            "\u5982\u679C\u6CA1\u6709\u6307\u5B9A\u522B\u540D, \u5219\u4E0D\u80FD\u6307\u5B9A\u76EE\u6807\u522B\u540D, \u6E90\u5BC6\u94A5\u5E93\u53E3\u4EE4\u548C\u76EE\u6807\u5BC6\u94A5\u5E93\u53E3\u4EE4"},
+        {"Certificate.stored.in.file.filename.",
+                "\u5B58\u50A8\u5728\u6587\u4EF6 <{0}> \u4E2D\u7684\u8BC1\u4E66"},
+        {"Certificate.reply.was.installed.in.keystore",
+                "\u8BC1\u4E66\u56DE\u590D\u5DF2\u5B89\u88C5\u5728\u5BC6\u94A5\u5E93\u4E2D"},
+        {"Certificate.reply.was.not.installed.in.keystore",
+                "\u8BC1\u4E66\u56DE\u590D\u672A\u5B89\u88C5\u5728\u5BC6\u94A5\u5E93\u4E2D"},
+        {"Certificate.was.added.to.keystore",
+                "\u8BC1\u4E66\u5DF2\u6DFB\u52A0\u5230\u5BC6\u94A5\u5E93\u4E2D"},
+        {"Certificate.was.not.added.to.keystore",
+                "\u8BC1\u4E66\u672A\u6DFB\u52A0\u5230\u5BC6\u94A5\u5E93\u4E2D"},
+        {".Storing.ksfname.", "[\u6B63\u5728\u5B58\u50A8{0}]"},
+        {"alias.has.no.public.key.certificate.",
+                "{0}\u6CA1\u6709\u516C\u5171\u5BC6\u94A5 (\u8BC1\u4E66)"},
+        {"Cannot.derive.signature.algorithm",
+                "\u65E0\u6CD5\u6D3E\u751F\u7B7E\u540D\u7B97\u6CD5"},
+        {"Alias.alias.does.not.exist",
+                "\u522B\u540D <{0}> \u4E0D\u5B58\u5728"},
+        {"Alias.alias.has.no.certificate",
+                "\u522B\u540D <{0}> \u6CA1\u6709\u8BC1\u4E66"},
+        {"Key.pair.not.generated.alias.alias.already.exists",
+                "\u672A\u751F\u6210\u5BC6\u94A5\u5BF9, \u522B\u540D <{0}> \u5DF2\u7ECF\u5B58\u5728"},
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
+                "\u6B63\u5728\u4E3A\u4EE5\u4E0B\u5BF9\u8C61\u751F\u6210 {0} \u4F4D{1}\u5BC6\u94A5\u5BF9\u548C\u81EA\u7B7E\u540D\u8BC1\u4E66 ({2}) (\u6709\u6548\u671F\u4E3A {3} \u5929):\n\t {4}"},
+        {"Enter.key.password.for.alias.", "\u8F93\u5165 <{0}> \u7684\u5BC6\u94A5\u53E3\u4EE4"},
+        {".RETURN.if.same.as.keystore.password.",
+                "\t(\u5982\u679C\u548C\u5BC6\u94A5\u5E93\u53E3\u4EE4\u76F8\u540C, \u6309\u56DE\u8F66):  "},
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
+                "\u5BC6\u94A5\u53E3\u4EE4\u592A\u77ED - \u81F3\u5C11\u5FC5\u987B\u4E3A 6 \u4E2A\u5B57\u7B26"},
+        {"Too.many.failures.key.not.added.to.keystore",
+                "\u6545\u969C\u592A\u591A - \u5BC6\u94A5\u672A\u6DFB\u52A0\u5230\u5BC6\u94A5\u5E93\u4E2D"},
+        {"Destination.alias.dest.already.exists",
+                "\u76EE\u6807\u522B\u540D <{0}> \u5DF2\u7ECF\u5B58\u5728"},
+        {"Password.is.too.short.must.be.at.least.6.characters",
+                "\u53E3\u4EE4\u592A\u77ED - \u81F3\u5C11\u5FC5\u987B\u4E3A 6 \u4E2A\u5B57\u7B26"},
+        {"Too.many.failures.Key.entry.not.cloned",
+                "\u6545\u969C\u592A\u591A\u3002\u672A\u514B\u9686\u5BC6\u94A5\u6761\u76EE"},
+        {"key.password.for.alias.", "<{0}> \u7684\u5BC6\u94A5\u53E3\u4EE4"},
+        {"Keystore.entry.for.id.getName.already.exists",
+                "<{0}> \u7684\u5BC6\u94A5\u5E93\u6761\u76EE\u5DF2\u7ECF\u5B58\u5728"},
+        {"Creating.keystore.entry.for.id.getName.",
+                "\u6B63\u5728\u521B\u5EFA <{0}> \u7684\u5BC6\u94A5\u5E93\u6761\u76EE..."},
+        {"No.entries.from.identity.database.added",
+                "\u672A\u4ECE\u8EAB\u4EFD\u6570\u636E\u5E93\u4E2D\u6DFB\u52A0\u4EFB\u4F55\u6761\u76EE"},
+        {"Alias.name.alias", "\u522B\u540D: {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
+                "\u521B\u5EFA\u65E5\u671F: {0,date}"},
+        {"alias.keyStore.getCreationDate.alias.",
+                "{0}, {1,date}, "},
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "\u6761\u76EE\u7C7B\u578B: {0}"},
+        {"Certificate.chain.length.", "\u8BC1\u4E66\u94FE\u957F\u5EA6: "},
+        {"Certificate.i.1.", "\u8BC1\u4E66[{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "\u8BC1\u4E66\u6307\u7EB9 (SHA1): "},
+        {"Keystore.type.", "\u5BC6\u94A5\u5E93\u7C7B\u578B: "},
+        {"Keystore.provider.", "\u5BC6\u94A5\u5E93\u63D0\u4F9B\u65B9: "},
+        {"Your.keystore.contains.keyStore.size.entry",
+                "\u60A8\u7684\u5BC6\u94A5\u5E93\u5305\u542B {0,number,integer} \u4E2A\u6761\u76EE"},
+        {"Your.keystore.contains.keyStore.size.entries",
+                "\u60A8\u7684\u5BC6\u94A5\u5E93\u5305\u542B {0,number,integer} \u4E2A\u6761\u76EE"},
+        {"Failed.to.parse.input", "\u65E0\u6CD5\u5BF9\u8F93\u5165\u8FDB\u884C\u8BED\u6CD5\u5206\u6790"},
+        {"Empty.input", "\u7A7A\u8F93\u5165"},
+        {"Not.X.509.certificate", "\u975E X.509 \u8BC1\u4E66"},
+        {"alias.has.no.public.key", "{0}\u6CA1\u6709\u516C\u5171\u5BC6\u94A5"},
+        {"alias.has.no.X.509.certificate", "{0}\u6CA1\u6709 X.509 \u8BC1\u4E66"},
+        {"New.certificate.self.signed.", "\u65B0\u8BC1\u4E66 (\u81EA\u7B7E\u540D):"},
+        {"Reply.has.no.certificates", "\u56DE\u590D\u4E2D\u6CA1\u6709\u8BC1\u4E66"},
+        {"Certificate.not.imported.alias.alias.already.exists",
+                "\u8BC1\u4E66\u672A\u5BFC\u5165, \u522B\u540D <{0}> \u5DF2\u7ECF\u5B58\u5728"},
+        {"Input.not.an.X.509.certificate", "\u6240\u8F93\u5165\u7684\u4E0D\u662F X.509 \u8BC1\u4E66"},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
+                "\u5728\u522B\u540D <{0}> \u4E4B\u4E0B, \u8BC1\u4E66\u5DF2\u7ECF\u5B58\u5728\u4E8E\u5BC6\u94A5\u5E93\u4E2D"},
+        {"Do.you.still.want.to.add.it.no.",
+                "\u662F\u5426\u4ECD\u8981\u6DFB\u52A0? [no]:  "},
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
+                "\u5728\u522B\u540D <{0}> \u4E4B\u4E0B, \u8BC1\u4E66\u5DF2\u7ECF\u5B58\u5728\u4E8E\u7CFB\u7EDF\u8303\u56F4\u7684 CA \u5BC6\u94A5\u5E93\u4E2D"},
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
+                "\u662F\u5426\u4ECD\u8981\u5C06\u5B83\u6DFB\u52A0\u5230\u81EA\u5DF1\u7684\u5BC6\u94A5\u5E93? [no]:  "},
+        {"Trust.this.certificate.no.", "\u662F\u5426\u4FE1\u4EFB\u6B64\u8BC1\u4E66? [no]:  "},
+        {"YES", "\u662F"},
+        {"New.prompt.", "\u65B0{0}: "},
+        {"Passwords.must.differ", "\u53E3\u4EE4\u4E0D\u80FD\u76F8\u540C"},
+        {"Re.enter.new.prompt.", "\u91CD\u65B0\u8F93\u5165\u65B0{0}: "},
+        {"Re.enter.new.password.", "\u518D\u6B21\u8F93\u5165\u65B0\u53E3\u4EE4: "},
+        {"They.don.t.match.Try.again", "\u5B83\u4EEC\u4E0D\u5339\u914D\u3002\u8BF7\u91CD\u8BD5"},
+        {"Enter.prompt.alias.name.", "\u8F93\u5165{0}\u522B\u540D:  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
+                 "\u8F93\u5165\u65B0\u7684\u522B\u540D\t(\u6309\u56DE\u8F66\u4EE5\u53D6\u6D88\u5BF9\u6B64\u6761\u76EE\u7684\u5BFC\u5165):  "},
+        {"Enter.alias.name.", "\u8F93\u5165\u522B\u540D:  "},
+        {".RETURN.if.same.as.for.otherAlias.",
+                "\t(\u5982\u679C\u548C <{0}> \u76F8\u540C, \u5219\u6309\u56DE\u8F66)"},
+        {".PATTERN.printX509Cert",
+                "\u6240\u6709\u8005: {0}\n\u53D1\u5E03\u8005: {1}\n\u5E8F\u5217\u53F7: {2}\n\u6709\u6548\u671F\u5F00\u59CB\u65E5\u671F: {3}, \u622A\u6B62\u65E5\u671F: {4}\n\u8BC1\u4E66\u6307\u7EB9:\n\t MD5: {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t \u7B7E\u540D\u7B97\u6CD5\u540D\u79F0: {8}\n\t \u7248\u672C: {9}"},
+        {"What.is.your.first.and.last.name.",
+                "\u60A8\u7684\u540D\u5B57\u4E0E\u59D3\u6C0F\u662F\u4EC0\u4E48?"},
+        {"What.is.the.name.of.your.organizational.unit.",
+                "\u60A8\u7684\u7EC4\u7EC7\u5355\u4F4D\u540D\u79F0\u662F\u4EC0\u4E48?"},
+        {"What.is.the.name.of.your.organization.",
+                "\u60A8\u7684\u7EC4\u7EC7\u540D\u79F0\u662F\u4EC0\u4E48?"},
+        {"What.is.the.name.of.your.City.or.Locality.",
+                "\u60A8\u6240\u5728\u7684\u57CE\u5E02\u6216\u533A\u57DF\u540D\u79F0\u662F\u4EC0\u4E48?"},
+        {"What.is.the.name.of.your.State.or.Province.",
+                "\u60A8\u6240\u5728\u7684\u7701/\u5E02/\u81EA\u6CBB\u533A\u540D\u79F0\u662F\u4EC0\u4E48?"},
+        {"What.is.the.two.letter.country.code.for.this.unit.",
+                "\u8BE5\u5355\u4F4D\u7684\u53CC\u5B57\u6BCD\u56FD\u5BB6/\u5730\u533A\u4EE3\u7801\u662F\u4EC0\u4E48?"},
+        {"Is.name.correct.", "{0}\u662F\u5426\u6B63\u786E?"},
+        {"no", "\u5426"},
+        {"yes", "\u662F"},
+        {"y", "y"},
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
+                "\u522B\u540D <{0}> \u6CA1\u6709\u5BC6\u94A5"},
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
+                 "\u522B\u540D <{0}> \u5F15\u7528\u4E86\u4E0D\u5C5E\u4E8E\u79C1\u6709\u5BC6\u94A5\u6761\u76EE\u7684\u6761\u76EE\u7C7B\u578B\u3002-keyclone \u547D\u4EE4\u4EC5\u652F\u6301\u5BF9\u79C1\u6709\u5BC6\u94A5\u6761\u76EE\u7684\u514B\u9686"},
+
+        {".WARNING.WARNING.WARNING.",
+            "*****************  \u8B66\u544A \u8B66\u544A \u8B66\u544A  *****************"},
+        {"Signer.d.", "\u7B7E\u540D\u8005 #%d:"},
+        {"Timestamp.", "\u65F6\u95F4\u6233:"},
+        {"Signature.", "\u7B7E\u540D:"},
+        {"CRLs.", "CRL:"},
+        {"Certificate.owner.", "\u8BC1\u4E66\u6240\u6709\u8005: "},
+        {"Not.a.signed.jar.file", "\u4E0D\u662F\u5DF2\u7B7E\u540D\u7684 jar \u6587\u4EF6"},
+        {"No.certificate.from.the.SSL.server",
+                "\u6CA1\u6709\u6765\u81EA SSL \u670D\u52A1\u5668\u7684\u8BC1\u4E66"},
+
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
+            "* \u5B58\u50A8\u5728\u60A8\u7684\u5BC6\u94A5\u5E93\u4E2D\u7684\u4FE1\u606F\u7684\u5B8C\u6574\u6027  *\n* \u5C1A\u672A\u7ECF\u8FC7\u9A8C\u8BC1!  \u4E3A\u4E86\u9A8C\u8BC1\u5176\u5B8C\u6574\u6027, *\n* \u5FC5\u987B\u63D0\u4F9B\u5BC6\u94A5\u5E93\u53E3\u4EE4\u3002                  *"},
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
+            "* \u5B58\u50A8\u5728 srckeystore \u4E2D\u7684\u4FE1\u606F\u7684\u5B8C\u6574\u6027*\n* \u5C1A\u672A\u7ECF\u8FC7\u9A8C\u8BC1!  \u4E3A\u4E86\u9A8C\u8BC1\u5176\u5B8C\u6574\u6027, *\n* \u5FC5\u987B\u63D0\u4F9B\u6E90\u5BC6\u94A5\u5E93\u53E3\u4EE4\u3002                  *"},
+
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
+                "\u8BC1\u4E66\u56DE\u590D\u4E2D\u4E0D\u5305\u542B <{0}> \u7684\u516C\u5171\u5BC6\u94A5"},
+        {"Incomplete.certificate.chain.in.reply",
+                "\u56DE\u590D\u4E2D\u7684\u8BC1\u4E66\u94FE\u4E0D\u5B8C\u6574"},
+        {"Certificate.chain.in.reply.does.not.verify.",
+                "\u56DE\u590D\u4E2D\u7684\u8BC1\u4E66\u94FE\u672A\u9A8C\u8BC1: "},
+        {"Top.level.certificate.in.reply.",
+                "\u56DE\u590D\u4E2D\u7684\u9876\u7EA7\u8BC1\u4E66:\n"},
+        {".is.not.trusted.", "... \u662F\u4E0D\u53EF\u4FE1\u7684\u3002"},
+        {"Install.reply.anyway.no.", "\u662F\u5426\u4ECD\u8981\u5B89\u88C5\u56DE\u590D? [no]:  "},
+        {"NO", "\u5426"},
+        {"Public.keys.in.reply.and.keystore.don.t.match",
+                "\u56DE\u590D\u4E2D\u7684\u516C\u5171\u5BC6\u94A5\u4E0E\u5BC6\u94A5\u5E93\u4E0D\u5339\u914D"},
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
+                "\u8BC1\u4E66\u56DE\u590D\u4E0E\u5BC6\u94A5\u5E93\u4E2D\u7684\u8BC1\u4E66\u662F\u76F8\u540C\u7684"},
+        {"Failed.to.establish.chain.from.reply",
+                "\u65E0\u6CD5\u4ECE\u56DE\u590D\u4E2D\u5EFA\u7ACB\u94FE"},
+        {"n", "n"},
+        {"Wrong.answer.try.again", "\u9519\u8BEF\u7684\u7B54\u6848, \u8BF7\u518D\u8BD5\u4E00\u6B21"},
+        {"Secret.key.not.generated.alias.alias.already.exists",
+                "\u6CA1\u6709\u751F\u6210\u5BC6\u94A5, \u522B\u540D <{0}> \u5DF2\u7ECF\u5B58\u5728"},
+        {"Please.provide.keysize.for.secret.key.generation",
+                "\u8BF7\u63D0\u4F9B -keysize \u4EE5\u751F\u6210\u5BF9\u79F0\u5BC6\u94A5"},
+
+        {"Extensions.", "\u6269\u5C55: "},
+        {".Empty.value.", "(\u7A7A\u503C)"},
+        {"Extension.Request.", "\u6269\u5C55\u8BF7\u6C42:"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
+                "PKCS #10 \u8BC1\u4E66\u8BF7\u6C42 (\u7248\u672C 1.0)\n\u4E3B\u9898: %s\n\u516C\u5171\u5BC6\u94A5: %s \u683C\u5F0F %s \u5BC6\u94A5\n"},
+        {"Unknown.keyUsage.type.", "\u672A\u77E5 keyUsage \u7C7B\u578B: "},
+        {"Unknown.extendedkeyUsage.type.", "\u672A\u77E5 extendedkeyUsage \u7C7B\u578B: "},
+        {"Unknown.AccessDescription.type.", "\u672A\u77E5 AccessDescription \u7C7B\u578B: "},
+        {"Unrecognized.GeneralName.type.", "\u65E0\u6CD5\u8BC6\u522B\u7684 GeneralName \u7C7B\u578B: "},
+        {"This.extension.cannot.be.marked.as.critical.",
+                 "\u65E0\u6CD5\u5C06\u6B64\u6269\u5C55\u6807\u8BB0\u4E3A\u201C\u4E25\u91CD\u201D\u3002"},
+        {"Odd.number.of.hex.digits.found.", "\u627E\u5230\u5947\u6570\u4E2A\u5341\u516D\u8FDB\u5236\u6570\u5B57: "},
+        {"Unknown.extension.type.", "\u672A\u77E5\u6269\u5C55\u7C7B\u578B: "},
+        {"command.{0}.is.ambiguous.", "\u547D\u4EE4{0}\u4E0D\u660E\u786E:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Resources_zh_HK.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,431 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the keytool.
+ *
+ */
+public class Resources_zh_HK extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"STAR",
+                "*******************************************"},
+        {"STARNN",
+                "*******************************************\n\n"},
+
+        // keytool: Help part
+// "Option" should be translated.
+        {".OPTION.", " [\u9078\u9805]..."},
+        {"Options.", "\u9078\u9805:"},
+        {"Use.keytool.help.for.all.available.commands",
+                 "\u4F7F\u7528 \"keytool -help\" \u53D6\u5F97\u6240\u6709\u53EF\u7528\u7684\u547D\u4EE4"},
+        {"Key.and.Certificate.Management.Tool",
+                 "\u91D1\u9470\u8207\u6191\u8B49\u7BA1\u7406\u5DE5\u5177"},
+        {"Commands.", "\u547D\u4EE4:"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
+                "\u4F7F\u7528 \"keytool -command_name -help\" \u53D6\u5F97 command_name \u7684\u7528\u6CD5"},
+        // keytool: help: commands
+        {"Generates.a.certificate.request",
+                "\u7522\u751F\u6191\u8B49\u8981\u6C42"}, //-certreq
+        {"Changes.an.entry.s.alias",
+                "\u8B8A\u66F4\u9805\u76EE\u7684\u5225\u540D"}, //-changealias
+        {"Deletes.an.entry",
+                "\u522A\u9664\u9805\u76EE"}, //-delete
+        {"Exports.certificate",
+                "\u532F\u51FA\u6191\u8B49"}, //-exportcert
+        {"Generates.a.key.pair",
+                "\u7522\u751F\u91D1\u9470\u7D44"}, //-genkeypair
+// translation of "secret" key should be different to "private" key.
+        {"Generates.a.secret.key",
+                "\u7522\u751F\u79D8\u5BC6\u91D1\u9470"}, //-genseckey
+        {"Generates.certificate.from.a.certificate.request",
+                "\u5F9E\u6191\u8B49\u8981\u6C42\u7522\u751F\u6191\u8B49"}, //-gencert
+        {"Generates.CRL", "\u7522\u751F CRL"}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+                "\u5F9E JDK 1.1.x-style \u8B58\u5225\u8CC7\u6599\u5EAB\u532F\u5165\u9805\u76EE"}, //-identitydb
+        {"Imports.a.certificate.or.a.certificate.chain",
+                "\u532F\u5165\u6191\u8B49\u6216\u6191\u8B49\u93C8"}, //-importcert
+        {"Imports.one.or.all.entries.from.another.keystore",
+                "\u5F9E\u5176\u4ED6\u91D1\u9470\u5132\u5B58\u5EAB\u532F\u5165\u4E00\u500B\u6216\u5168\u90E8\u9805\u76EE"}, //-importkeystore
+        {"Clones.a.key.entry",
+                "\u8907\u88FD\u91D1\u9470\u9805\u76EE"}, //-keyclone
+        {"Changes.the.key.password.of.an.entry",
+                "\u8B8A\u66F4\u9805\u76EE\u7684\u91D1\u9470\u5BC6\u78BC"}, //-keypasswd
+        {"Lists.entries.in.a.keystore",
+                "\u5217\u793A\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684\u9805\u76EE"}, //-list
+        {"Prints.the.content.of.a.certificate",
+                "\u5217\u5370\u6191\u8B49\u7684\u5167\u5BB9"}, //-printcert
+        {"Prints.the.content.of.a.certificate.request",
+                "\u5217\u5370\u6191\u8B49\u8981\u6C42\u7684\u5167\u5BB9"}, //-printcertreq
+        {"Prints.the.content.of.a.CRL.file",
+                "\u5217\u5370 CRL \u6A94\u6848\u7684\u5167\u5BB9"}, //-printcrl
+        {"Generates.a.self.signed.certificate",
+                "\u7522\u751F\u81EA\u884C\u7C3D\u7F72\u7684\u6191\u8B49"}, //-selfcert
+        {"Changes.the.store.password.of.a.keystore",
+                "\u8B8A\u66F4\u91D1\u9470\u5132\u5B58\u5EAB\u7684\u5132\u5B58\u5BC6\u78BC"}, //-storepasswd
+        // keytool: help: options
+        {"alias.name.of.the.entry.to.process",
+                "\u8981\u8655\u7406\u9805\u76EE\u7684\u5225\u540D\u540D\u7A31"}, //-alias
+        {"destination.alias",
+                "\u76EE\u7684\u5730\u5225\u540D"}, //-destalias
+        {"destination.key.password",
+                "\u76EE\u7684\u5730\u91D1\u9470\u5BC6\u78BC"}, //-destkeypass
+        {"destination.keystore.name",
+                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u540D\u7A31"}, //-destkeystore
+        {"destination.keystore.password.protected",
+                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u4FDD\u8B77"}, //-destprotected
+        {"destination.keystore.provider.name",
+                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u63D0\u4F9B\u8005\u540D\u7A31"}, //-destprovidername
+        {"destination.keystore.password",
+                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC"}, //-deststorepass
+        {"destination.keystore.type",
+                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B"}, //-deststoretype
+        {"distinguished.name",
+                "\u8FA8\u5225\u540D\u7A31"}, //-dname
+        {"X.509.extension",
+                "X.509 \u64F4\u5145\u5957\u4EF6"}, //-ext
+        {"output.file.name",
+                "\u8F38\u51FA\u6A94\u6848\u540D\u7A31"}, //-file and -outfile
+        {"input.file.name",
+                "\u8F38\u5165\u6A94\u6848\u540D\u7A31"}, //-file and -infile
+        {"key.algorithm.name",
+                "\u91D1\u9470\u6F14\u7B97\u6CD5\u540D\u7A31"}, //-keyalg
+        {"key.password",
+                "\u91D1\u9470\u5BC6\u78BC"}, //-keypass
+        {"key.bit.size",
+                "\u91D1\u9470\u4F4D\u5143\u5927\u5C0F"}, //-keysize
+        {"keystore.name",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u540D\u7A31"}, //-keystore
+        {"new.password",
+                "\u65B0\u5BC6\u78BC"}, //-new
+        {"do.not.prompt",
+                "\u4E0D\u8981\u63D0\u793A"}, //-noprompt
+        {"password.through.protected.mechanism",
+                "\u7D93\u7531\u4FDD\u8B77\u6A5F\u5236\u7684\u5BC6\u78BC"}, //-protected
+        {"provider.argument",
+                "\u63D0\u4F9B\u8005\u5F15\u6578"}, //-providerarg
+        {"provider.class.name",
+                "\u63D0\u4F9B\u8005\u985E\u5225\u540D\u7A31"}, //-providerclass
+        {"provider.name",
+                "\u63D0\u4F9B\u8005\u540D\u7A31"}, //-providername
+        {"provider.classpath",
+                "\u63D0\u4F9B\u8005\u985E\u5225\u8DEF\u5F91"}, //-providerpath
+        {"output.in.RFC.style",
+                "\u4EE5 RFC \u6A23\u5F0F\u8F38\u51FA"}, //-rfc
+        {"signature.algorithm.name",
+                "\u7C3D\u7AE0\u6F14\u7B97\u6CD5\u540D\u7A31"}, //-sigalg
+        {"source.alias",
+                "\u4F86\u6E90\u5225\u540D"}, //-srcalias
+        {"source.key.password",
+                "\u4F86\u6E90\u91D1\u9470\u5BC6\u78BC"}, //-srckeypass
+        {"source.keystore.name",
+                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u540D\u7A31"}, //-srckeystore
+        {"source.keystore.password.protected",
+                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u4FDD\u8B77"}, //-srcprotected
+        {"source.keystore.provider.name",
+                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u63D0\u4F9B\u8005\u540D\u7A31"}, //-srcprovidername
+        {"source.keystore.password",
+                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC"}, //-srcstorepass
+        {"source.keystore.type",
+                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B"}, //-srcstoretype
+        {"SSL.server.host.and.port",
+                "SSL \u4F3A\u670D\u5668\u4E3B\u6A5F\u8207\u9023\u63A5\u57E0"}, //-sslserver
+        {"signed.jar.file",
+                "\u7C3D\u7F72\u7684 jar \u6A94\u6848"}, //=jarfile
+        {"certificate.validity.start.date.time",
+                "\u6191\u8B49\u6709\u6548\u6027\u958B\u59CB\u65E5\u671F/\u6642\u9593"}, //-startdate
+        {"keystore.password",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC"}, //-storepass
+        {"keystore.type",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B"}, //-storetype
+        {"trust.certificates.from.cacerts",
+                "\u4F86\u81EA cacerts \u7684\u4FE1\u4EFB\u6191\u8B49"}, //-trustcacerts
+        {"verbose.output",
+                "\u8A73\u7D30\u8CC7\u8A0A\u8F38\u51FA"}, //-v
+        {"validity.number.of.days",
+                "\u6709\u6548\u6027\u65E5\u6578"}, //-validity
+        {"Serial.ID.of.cert.to.revoke",
+                 "\u8981\u64A4\u92B7\u6191\u8B49\u7684\u5E8F\u5217 ID"}, //-id
+        // keytool: Running part
+        {"keytool.error.", "\u91D1\u9470\u5DE5\u5177\u932F\u8AA4: "},
+        {"Illegal.option.", "\u7121\u6548\u7684\u9078\u9805:"},
+        {"Illegal.value.", "\u7121\u6548\u503C: "},
+        {"Unknown.password.type.", "\u4E0D\u660E\u7684\u5BC6\u78BC\u985E\u578B: "},
+        {"Cannot.find.environment.variable.",
+                "\u627E\u4E0D\u5230\u74B0\u5883\u8B8A\u6578: "},
+        {"Cannot.find.file.", "\u627E\u4E0D\u5230\u6A94\u6848: "},
+        {"Command.option.flag.needs.an.argument.", "\u547D\u4EE4\u9078\u9805 {0} \u9700\u8981\u5F15\u6578\u3002"},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
+                "\u8B66\u544A: PKCS12 \u91D1\u9470\u5132\u5B58\u5EAB\u4E0D\u652F\u63F4\u4E0D\u540C\u7684\u5132\u5B58\u5EAB\u548C\u91D1\u9470\u5BC6\u78BC\u3002\u5FFD\u7565\u4F7F\u7528\u8005\u6307\u5B9A\u7684 {0} \u503C\u3002"},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "\u5982\u679C -storetype \u70BA {0}\uFF0C\u5247 -keystore \u5FC5\u9808\u70BA NONE"},
+        {"Too.many.retries.program.terminated",
+                 "\u91CD\u8A66\u6B21\u6578\u592A\u591A\uFF0C\u7A0B\u5F0F\u5DF2\u7D42\u6B62"},
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
+                "\u5982\u679C -storetype \u70BA {0}\uFF0C\u5247\u4E0D\u652F\u63F4 -storepasswd \u548C -keypasswd \u547D\u4EE4"},
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
+                "\u5982\u679C -storetype \u70BA PKCS12\uFF0C\u5247\u4E0D\u652F\u63F4 -keypasswd \u547D\u4EE4"},
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
+                "\u5982\u679C -storetype \u70BA {0}\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -keypass \u548C -new"},
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
+                "\u5982\u679C\u6307\u5B9A -protected\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -storepass\u3001-keypass \u548C -new"},
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "\u5982\u679C\u6307\u5B9A -srcprotected\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -srcstorepass \u548C -srckeypass"},
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
+                "\u5982\u679C\u91D1\u9470\u5132\u5B58\u5EAB\u4E0D\u53D7\u5BC6\u78BC\u4FDD\u8B77\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -storepass\u3001-keypass \u548C -new"},
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "\u5982\u679C\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u4E0D\u53D7\u5BC6\u78BC\u4FDD\u8B77\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -srcstorepass \u548C -srckeypass"},
+        {"Illegal.startdate.value", "\u7121\u6548\u7684 startdate \u503C"},
+        {"Validity.must.be.greater.than.zero",
+                "\u6709\u6548\u6027\u5FC5\u9808\u5927\u65BC\u96F6"},
+        {"provName.not.a.provider", "{0} \u4E0D\u662F\u4E00\u500B\u63D0\u4F9B\u8005"},
+        {"Usage.error.no.command.provided", "\u7528\u6CD5\u932F\u8AA4: \u672A\u63D0\u4F9B\u547D\u4EE4"},
+        {"Source.keystore.file.exists.but.is.empty.", "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u6A94\u6848\u5B58\u5728\uFF0C\u4F46\u70BA\u7A7A: "},
+        {"Please.specify.srckeystore", "\u8ACB\u6307\u5B9A -srckeystore"},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
+                " 'list' \u547D\u4EE4\u4E0D\u80FD\u540C\u6642\u6307\u5B9A -v \u53CA -rfc"},
+        {"Key.password.must.be.at.least.6.characters",
+                "\u91D1\u9470\u5BC6\u78BC\u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
+        {"New.password.must.be.at.least.6.characters",
+                "\u65B0\u7684\u5BC6\u78BC\u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
+        {"Keystore.file.exists.but.is.empty.",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u6A94\u6848\u5B58\u5728\uFF0C\u4F46\u70BA\u7A7A\u767D: "},
+        {"Keystore.file.does.not.exist.",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u6A94\u6848\u4E0D\u5B58\u5728: "},
+        {"Must.specify.destination.alias", "\u5FC5\u9808\u6307\u5B9A\u76EE\u7684\u5730\u5225\u540D"},
+        {"Must.specify.alias", "\u5FC5\u9808\u6307\u5B9A\u5225\u540D"},
+        {"Keystore.password.must.be.at.least.6.characters",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
+        {"Enter.keystore.password.", "\u8F38\u5165\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC:  "},
+        {"Enter.source.keystore.password.", "\u8ACB\u8F38\u5165\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC: "},
+        {"Enter.destination.keystore.password.", "\u8ACB\u8F38\u5165\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC: "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
+         "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u592A\u77ED - \u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
+        {"Unknown.Entry.Type", "\u4E0D\u660E\u7684\u9805\u76EE\u985E\u578B"},
+        {"Too.many.failures.Alias.not.changed", "\u592A\u591A\u932F\u8AA4\u3002\u672A\u8B8A\u66F4\u5225\u540D"},
+        {"Entry.for.alias.alias.successfully.imported.",
+                 "\u5DF2\u6210\u529F\u532F\u5165\u5225\u540D {0} \u7684\u9805\u76EE\u3002"},
+        {"Entry.for.alias.alias.not.imported.", "\u672A\u532F\u5165\u5225\u540D {0} \u7684\u9805\u76EE\u3002"},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
+                 "\u532F\u5165\u5225\u540D {0} \u7684\u9805\u76EE\u6642\u51FA\u73FE\u554F\u984C: {1}\u3002\n\u672A\u532F\u5165\u5225\u540D {0} \u7684\u9805\u76EE\u3002"},
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
+                 "\u5DF2\u5B8C\u6210\u532F\u5165\u547D\u4EE4: \u6210\u529F\u532F\u5165 {0} \u500B\u9805\u76EE\uFF0C{1} \u500B\u9805\u76EE\u5931\u6557\u6216\u5DF2\u53D6\u6D88"},
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
+                 "\u8B66\u544A: \u6B63\u5728\u8986\u5BEB\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684\u73FE\u6709\u5225\u540D {0}"},
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
+                 "\u73FE\u6709\u9805\u76EE\u5225\u540D {0} \u5B58\u5728\uFF0C\u662F\u5426\u8986\u5BEB\uFF1F[\u5426]:  "},
+        {"Too.many.failures.try.later", "\u592A\u591A\u932F\u8AA4 - \u8ACB\u7A0D\u5F8C\u518D\u8A66"},
+        {"Certification.request.stored.in.file.filename.",
+                "\u8A8D\u8B49\u8981\u6C42\u5132\u5B58\u5728\u6A94\u6848 <{0}>"},
+        {"Submit.this.to.your.CA", "\u5C07\u6B64\u9001\u51FA\u81F3\u60A8\u7684 CA"},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
+            "\u5982\u679C\u672A\u6307\u5B9A\u5225\u540D\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A destalias\u3001srckeypass \u53CA destkeypass"},
+        {"Certificate.stored.in.file.filename.",
+                "\u6191\u8B49\u5132\u5B58\u5728\u6A94\u6848 <{0}>"},
+        {"Certificate.reply.was.installed.in.keystore",
+                "\u6191\u8B49\u56DE\u8986\u5DF2\u5B89\u88DD\u5728\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D"},
+        {"Certificate.reply.was.not.installed.in.keystore",
+                "\u6191\u8B49\u56DE\u8986\u672A\u5B89\u88DD\u5728\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D"},
+        {"Certificate.was.added.to.keystore",
+                "\u6191\u8B49\u5DF2\u65B0\u589E\u81F3\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D"},
+        {"Certificate.was.not.added.to.keystore",
+                "\u6191\u8B49\u672A\u65B0\u589E\u81F3\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D"},
+        {".Storing.ksfname.", "[\u5132\u5B58 {0}]"},
+        {"alias.has.no.public.key.certificate.",
+                "{0} \u6C92\u6709\u516C\u958B\u91D1\u9470 (\u6191\u8B49)"},
+        {"Cannot.derive.signature.algorithm",
+                "\u7121\u6CD5\u53D6\u5F97\u7C3D\u7AE0\u6F14\u7B97\u6CD5"},
+        {"Alias.alias.does.not.exist",
+                "\u5225\u540D <{0}> \u4E0D\u5B58\u5728"},
+        {"Alias.alias.has.no.certificate",
+                "\u5225\u540D <{0}> \u6C92\u6709\u6191\u8B49"},
+        {"Key.pair.not.generated.alias.alias.already.exists",
+                "\u6C92\u6709\u5EFA\u7ACB\u91D1\u9470\u7D44\uFF0C\u5225\u540D <{0}> \u5DF2\u7D93\u5B58\u5728"},
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
+                "\u91DD\u5C0D {4} \u7522\u751F\u6709\u6548\u671F {3} \u5929\u7684 {0} \u4F4D\u5143 {1} \u91D1\u9470\u7D44\u4EE5\u53CA\u81EA\u6211\u7C3D\u7F72\u6191\u8B49 ({2})\n\t"},
+        {"Enter.key.password.for.alias.", "\u8F38\u5165 <{0}> \u7684\u91D1\u9470\u5BC6\u78BC"},
+        {".RETURN.if.same.as.keystore.password.",
+                "\t(RETURN \u5982\u679C\u548C\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u76F8\u540C):  "},
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
+                "\u91D1\u9470\u5BC6\u78BC\u592A\u77ED - \u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
+        {"Too.many.failures.key.not.added.to.keystore",
+                "\u592A\u591A\u932F\u8AA4 - \u91D1\u9470\u672A\u65B0\u589E\u81F3\u91D1\u9470\u5132\u5B58\u5EAB"},
+        {"Destination.alias.dest.already.exists",
+                "\u76EE\u7684\u5730\u5225\u540D <{0}> \u5DF2\u7D93\u5B58\u5728"},
+        {"Password.is.too.short.must.be.at.least.6.characters",
+                "\u5BC6\u78BC\u592A\u77ED - \u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
+        {"Too.many.failures.Key.entry.not.cloned",
+                "\u592A\u591A\u932F\u8AA4\u3002\u672A\u8907\u88FD\u91D1\u9470\u9805\u76EE"},
+        {"key.password.for.alias.", "<{0}> \u7684\u91D1\u9470\u5BC6\u78BC"},
+        {"Keystore.entry.for.id.getName.already.exists",
+                "<{0}> \u7684\u91D1\u9470\u5132\u5B58\u5EAB\u9805\u76EE\u5DF2\u7D93\u5B58\u5728"},
+        {"Creating.keystore.entry.for.id.getName.",
+                "\u5EFA\u7ACB <{0}> \u7684\u91D1\u9470\u5132\u5B58\u5EAB\u9805\u76EE..."},
+        {"No.entries.from.identity.database.added",
+                "\u6C92\u6709\u65B0\u589E\u4F86\u81EA\u8B58\u5225\u8CC7\u6599\u5EAB\u7684\u9805\u76EE"},
+        {"Alias.name.alias", "\u5225\u540D\u540D\u7A31: {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
+                "\u5EFA\u7ACB\u65E5\u671F: {0,date}"},
+        {"alias.keyStore.getCreationDate.alias.",
+                "{0}, {1,date}, "},
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "\u9805\u76EE\u985E\u578B: {0}"},
+        {"Certificate.chain.length.", "\u6191\u8B49\u93C8\u9577\u5EA6: "},
+        {"Certificate.i.1.", "\u6191\u8B49 [{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "\u6191\u8B49\u6307\u7D0B (SHA1): "},
+        {"Keystore.type.", "\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B: "},
+        {"Keystore.provider.", "\u91D1\u9470\u5132\u5B58\u5EAB\u63D0\u4F9B\u8005: "},
+        {"Your.keystore.contains.keyStore.size.entry",
+                "\u60A8\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u5305\u542B {0,number,integer} \u9805\u76EE"},
+        {"Your.keystore.contains.keyStore.size.entries",
+                "\u60A8\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u5305\u542B {0,number,integer} \u9805\u76EE"},
+        {"Failed.to.parse.input", "\u7121\u6CD5\u5256\u6790\u8F38\u5165"},
+        {"Empty.input", "\u7A7A\u8F38\u5165"},
+        {"Not.X.509.certificate", "\u975E X.509 \u6191\u8B49"},
+        {"alias.has.no.public.key", "{0} \u7121\u516C\u958B\u91D1\u9470"},
+        {"alias.has.no.X.509.certificate", "{0} \u7121 X.509 \u6191\u8B49"},
+        {"New.certificate.self.signed.", "\u65B0\u6191\u8B49 (\u81EA\u6211\u7C3D\u7F72): "},
+        {"Reply.has.no.certificates", "\u56DE\u8986\u4E0D\u542B\u6191\u8B49"},
+        {"Certificate.not.imported.alias.alias.already.exists",
+                "\u6191\u8B49\u672A\u8F38\u5165\uFF0C\u5225\u540D <{0}> \u5DF2\u7D93\u5B58\u5728"},
+        {"Input.not.an.X.509.certificate", "\u8F38\u5165\u7684\u4E0D\u662F X.509 \u6191\u8B49"},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684 <{0}> \u5225\u540D\u4E4B\u4E0B\uFF0C\u6191\u8B49\u5DF2\u7D93\u5B58\u5728"},
+        {"Do.you.still.want.to.add.it.no.",
+                "\u60A8\u4ECD\u7136\u60F3\u8981\u5C07\u4E4B\u65B0\u589E\u55CE\uFF1F [\u5426]:  "},
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
+                "\u6574\u500B\u7CFB\u7D71 CA \u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684 <{0}> \u5225\u540D\u4E4B\u4E0B\uFF0C\u6191\u8B49\u5DF2\u7D93\u5B58\u5728"},
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
+                "\u60A8\u4ECD\u7136\u60F3\u8981\u5C07\u4E4B\u65B0\u589E\u81F3\u81EA\u5DF1\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u55CE\uFF1F [\u5426]:  "},
+        {"Trust.this.certificate.no.", "\u4FE1\u4EFB\u9019\u500B\u6191\u8B49\uFF1F [\u5426]:  "},
+        {"YES", "\u662F"},
+        {"New.prompt.", "\u65B0 {0}: "},
+        {"Passwords.must.differ", "\u5FC5\u9808\u662F\u4E0D\u540C\u7684\u5BC6\u78BC"},
+        {"Re.enter.new.prompt.", "\u91CD\u65B0\u8F38\u5165\u65B0 {0}: "},
+        {"Re.enter.new.password.", "\u91CD\u65B0\u8F38\u5165\u65B0\u5BC6\u78BC: "},
+        {"They.don.t.match.Try.again", "\u5B83\u5011\u4E0D\u76F8\u7B26\u3002\u8ACB\u91CD\u8A66"},
+        {"Enter.prompt.alias.name.", "\u8F38\u5165 {0} \u5225\u540D\u540D\u7A31:  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
+                 "\u8ACB\u8F38\u5165\u65B0\u7684\u5225\u540D\u540D\u7A31\t(RETURN \u4EE5\u53D6\u6D88\u532F\u5165\u6B64\u9805\u76EE):"},
+        {"Enter.alias.name.", "\u8F38\u5165\u5225\u540D\u540D\u7A31:  "},
+        {".RETURN.if.same.as.for.otherAlias.",
+                "\t(RETURN \u5982\u679C\u548C <{0}> \u7684\u76F8\u540C)"},
+        {".PATTERN.printX509Cert",
+                "\u64C1\u6709\u8005: {0}\n\u767C\u51FA\u8005: {1}\n\u5E8F\u865F: {2}\n\u6709\u6548\u671F\u81EA: {3} \u5230: {4}\n\u6191\u8B49\u6307\u7D0B:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t \u7C3D\u7AE0\u6F14\u7B97\u6CD5\u540D\u7A31: {8}\n\t \u7248\u672C: {9}"},
+        {"What.is.your.first.and.last.name.",
+                "\u60A8\u7684\u540D\u5B57\u8207\u59D3\u6C0F\u70BA\u4F55\uFF1F"},
+        {"What.is.the.name.of.your.organizational.unit.",
+                "\u60A8\u7684\u7D44\u7E54\u55AE\u4F4D\u540D\u7A31\u70BA\u4F55\uFF1F"},
+        {"What.is.the.name.of.your.organization.",
+                "\u60A8\u7684\u7D44\u7E54\u540D\u7A31\u70BA\u4F55\uFF1F"},
+        {"What.is.the.name.of.your.City.or.Locality.",
+                "\u60A8\u6240\u5728\u7684\u57CE\u5E02\u6216\u5730\u5340\u540D\u7A31\u70BA\u4F55\uFF1F"},
+        {"What.is.the.name.of.your.State.or.Province.",
+                "\u60A8\u6240\u5728\u7684\u5DDE\u53CA\u7701\u4EFD\u540D\u7A31\u70BA\u4F55\uFF1F"},
+        {"What.is.the.two.letter.country.code.for.this.unit.",
+                "\u6B64\u55AE\u4F4D\u7684\u5169\u500B\u5B57\u6BCD\u570B\u5225\u4EE3\u78BC\u70BA\u4F55\uFF1F"},
+        {"Is.name.correct.", "{0} \u6B63\u78BA\u55CE\uFF1F"},
+        {"no", "\u5426"},
+        {"yes", "\u662F"},
+        {"y", "y"},
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
+                "\u5225\u540D <{0}> \u6C92\u6709\u91D1\u9470"},
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
+                 "\u5225\u540D <{0}> \u6240\u53C3\u7167\u7684\u9805\u76EE\u4E0D\u662F\u79C1\u5BC6\u91D1\u9470\u985E\u578B\u3002-keyclone \u547D\u4EE4\u50C5\u652F\u63F4\u79C1\u5BC6\u91D1\u9470\u9805\u76EE\u7684\u8907\u88FD"},
+
+        {".WARNING.WARNING.WARNING.",
+            "*****************  \u8B66\u544A \u8B66\u544A \u8B66\u544A  *****************"},
+        {"Signer.d.", "\u7C3D\u7F72\u8005 #%d:"},
+        {"Timestamp.", "\u6642\u6233:"},
+        {"Signature.", "\u7C3D\u7AE0:"},
+        {"CRLs.", "CRL:"},
+        {"Certificate.owner.", "\u6191\u8B49\u64C1\u6709\u8005: "},
+        {"Not.a.signed.jar.file", "\u4E0D\u662F\u7C3D\u7F72\u7684 jar \u6A94\u6848"},
+        {"No.certificate.from.the.SSL.server",
+                "\u6C92\u6709\u4F86\u81EA SSL \u4F3A\u670D\u5668\u7684\u6191\u8B49"},
+
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
+            "* \u5C1A\u672A\u9A57\u8B49\u5132\u5B58\u65BC\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u8CC7\u8A0A  *\n* \u7684\u5B8C\u6574\u6027\uFF01\u82E5\u8981\u9A57\u8B49\u5176\u5B8C\u6574\u6027\uFF0C*\n* \u60A8\u5FC5\u9808\u63D0\u4F9B\u60A8\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u3002                  *"},
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
+            "* \u5C1A\u672A\u9A57\u8B49\u5132\u5B58\u65BC srckeystore \u4E2D\u8CC7\u8A0A*\n* \u7684\u5B8C\u6574\u6027\uFF01\u82E5\u8981\u9A57\u8B49\u5176\u5B8C\u6574\u6027\uFF0C\u60A8\u5FC5\u9808 *\n* \u63D0\u4F9B srckeystore \u5BC6\u78BC\u3002          *"},
+
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
+                "\u6191\u8B49\u56DE\u8986\u4E26\u672A\u5305\u542B <{0}> \u7684\u516C\u958B\u91D1\u9470"},
+        {"Incomplete.certificate.chain.in.reply",
+                "\u56DE\u8986\u6642\u7684\u6191\u8B49\u93C8\u4E0D\u5B8C\u6574"},
+        {"Certificate.chain.in.reply.does.not.verify.",
+                "\u56DE\u8986\u6642\u7684\u6191\u8B49\u93C8\u672A\u9A57\u8B49: "},
+        {"Top.level.certificate.in.reply.",
+                "\u56DE\u8986\u6642\u7684\u6700\u9AD8\u7D1A\u6191\u8B49:\\n"},
+        {".is.not.trusted.", "... \u662F\u4E0D\u88AB\u4FE1\u4EFB\u7684\u3002"},
+        {"Install.reply.anyway.no.", "\u9084\u662F\u8981\u5B89\u88DD\u56DE\u8986\uFF1F [\u5426]:  "},
+        {"NO", "\u5426"},
+        {"Public.keys.in.reply.and.keystore.don.t.match",
+                "\u56DE\u8986\u6642\u7684\u516C\u958B\u91D1\u9470\u8207\u91D1\u9470\u5132\u5B58\u5EAB\u4E0D\u7B26"},
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
+                "\u6191\u8B49\u56DE\u8986\u8207\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684\u6191\u8B49\u662F\u76F8\u540C\u7684"},
+        {"Failed.to.establish.chain.from.reply",
+                "\u7121\u6CD5\u5F9E\u56DE\u8986\u4E2D\u5C07\u93C8\u5EFA\u7ACB\u8D77\u4F86"},
+        {"n", "n"},
+        {"Wrong.answer.try.again", "\u932F\u8AA4\u7684\u7B54\u6848\uFF0C\u8ACB\u518D\u8A66\u4E00\u6B21"},
+        {"Secret.key.not.generated.alias.alias.already.exists",
+                "\u672A\u7522\u751F\u79D8\u5BC6\u91D1\u9470\uFF0C\u5225\u540D <{0}> \u5DF2\u5B58\u5728"},
+        {"Please.provide.keysize.for.secret.key.generation",
+                "\u8ACB\u63D0\u4F9B -keysize \u4EE5\u7522\u751F\u79D8\u5BC6\u91D1\u9470"},
+
+        {"Extensions.", "\u64F4\u5145\u5957\u4EF6: "},
+        {".Empty.value.", "(\u7A7A\u767D\u503C)"},
+        {"Extension.Request.", "\u64F4\u5145\u5957\u4EF6\u8981\u6C42:"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
+                "PKCS #10 \u6191\u8B49\u8981\u6C42 (\u7248\u672C 1.0)\n\u4E3B\u9AD4: %s\n\u516C\u7528\u91D1\u9470: %s \u683C\u5F0F %s \u91D1\u9470\n"},
+        {"Unknown.keyUsage.type.", "\u4E0D\u660E\u7684 keyUsage \u985E\u578B: "},
+        {"Unknown.extendedkeyUsage.type.", "\u4E0D\u660E\u7684 extendedkeyUsage \u985E\u578B: "},
+        {"Unknown.AccessDescription.type.", "\u4E0D\u660E\u7684 AccessDescription \u985E\u578B: "},
+        {"Unrecognized.GeneralName.type.", "\u7121\u6CD5\u8FA8\u8B58\u7684 GeneralName \u985E\u578B: "},
+        {"This.extension.cannot.be.marked.as.critical.",
+                 "\u6B64\u64F4\u5145\u5957\u4EF6\u7121\u6CD5\u6A19\u793A\u70BA\u95DC\u9375\u3002"},
+        {"Odd.number.of.hex.digits.found.", "\u627E\u5230\u5341\u516D\u9032\u4F4D\u6578\u5B57\u7684\u5947\u6578: "},
+        {"Unknown.extension.type.", "\u4E0D\u660E\u7684\u64F4\u5145\u5957\u4EF6\u985E\u578B: "},
+        {"command.{0}.is.ambiguous.", "\u547D\u4EE4 {0} \u4E0D\u660E\u78BA:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/keytool/Resources_zh_TW.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,431 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.keytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the keytool.
+ *
+ */
+public class Resources_zh_TW extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"STAR",
+                "*******************************************"},
+        {"STARNN",
+                "*******************************************\n\n"},
+
+        // keytool: Help part
+// "Option" should be translated.
+        {".OPTION.", " [\u9078\u9805]..."},
+        {"Options.", "\u9078\u9805:"},
+        {"Use.keytool.help.for.all.available.commands",
+                 "\u4F7F\u7528 \"keytool -help\" \u53D6\u5F97\u6240\u6709\u53EF\u7528\u7684\u547D\u4EE4"},
+        {"Key.and.Certificate.Management.Tool",
+                 "\u91D1\u9470\u8207\u6191\u8B49\u7BA1\u7406\u5DE5\u5177"},
+        {"Commands.", "\u547D\u4EE4:"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
+                "\u4F7F\u7528 \"keytool -command_name -help\" \u53D6\u5F97 command_name \u7684\u7528\u6CD5"},
+        // keytool: help: commands
+        {"Generates.a.certificate.request",
+                "\u7522\u751F\u6191\u8B49\u8981\u6C42"}, //-certreq
+        {"Changes.an.entry.s.alias",
+                "\u8B8A\u66F4\u9805\u76EE\u7684\u5225\u540D"}, //-changealias
+        {"Deletes.an.entry",
+                "\u522A\u9664\u9805\u76EE"}, //-delete
+        {"Exports.certificate",
+                "\u532F\u51FA\u6191\u8B49"}, //-exportcert
+        {"Generates.a.key.pair",
+                "\u7522\u751F\u91D1\u9470\u7D44"}, //-genkeypair
+// translation of "secret" key should be different to "private" key.
+        {"Generates.a.secret.key",
+                "\u7522\u751F\u79D8\u5BC6\u91D1\u9470"}, //-genseckey
+        {"Generates.certificate.from.a.certificate.request",
+                "\u5F9E\u6191\u8B49\u8981\u6C42\u7522\u751F\u6191\u8B49"}, //-gencert
+        {"Generates.CRL", "\u7522\u751F CRL"}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
+                "\u5F9E JDK 1.1.x-style \u8B58\u5225\u8CC7\u6599\u5EAB\u532F\u5165\u9805\u76EE"}, //-identitydb
+        {"Imports.a.certificate.or.a.certificate.chain",
+                "\u532F\u5165\u6191\u8B49\u6216\u6191\u8B49\u93C8"}, //-importcert
+        {"Imports.one.or.all.entries.from.another.keystore",
+                "\u5F9E\u5176\u4ED6\u91D1\u9470\u5132\u5B58\u5EAB\u532F\u5165\u4E00\u500B\u6216\u5168\u90E8\u9805\u76EE"}, //-importkeystore
+        {"Clones.a.key.entry",
+                "\u8907\u88FD\u91D1\u9470\u9805\u76EE"}, //-keyclone
+        {"Changes.the.key.password.of.an.entry",
+                "\u8B8A\u66F4\u9805\u76EE\u7684\u91D1\u9470\u5BC6\u78BC"}, //-keypasswd
+        {"Lists.entries.in.a.keystore",
+                "\u5217\u793A\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684\u9805\u76EE"}, //-list
+        {"Prints.the.content.of.a.certificate",
+                "\u5217\u5370\u6191\u8B49\u7684\u5167\u5BB9"}, //-printcert
+        {"Prints.the.content.of.a.certificate.request",
+                "\u5217\u5370\u6191\u8B49\u8981\u6C42\u7684\u5167\u5BB9"}, //-printcertreq
+        {"Prints.the.content.of.a.CRL.file",
+                "\u5217\u5370 CRL \u6A94\u6848\u7684\u5167\u5BB9"}, //-printcrl
+        {"Generates.a.self.signed.certificate",
+                "\u7522\u751F\u81EA\u884C\u7C3D\u7F72\u7684\u6191\u8B49"}, //-selfcert
+        {"Changes.the.store.password.of.a.keystore",
+                "\u8B8A\u66F4\u91D1\u9470\u5132\u5B58\u5EAB\u7684\u5132\u5B58\u5BC6\u78BC"}, //-storepasswd
+        // keytool: help: options
+        {"alias.name.of.the.entry.to.process",
+                "\u8981\u8655\u7406\u9805\u76EE\u7684\u5225\u540D\u540D\u7A31"}, //-alias
+        {"destination.alias",
+                "\u76EE\u7684\u5730\u5225\u540D"}, //-destalias
+        {"destination.key.password",
+                "\u76EE\u7684\u5730\u91D1\u9470\u5BC6\u78BC"}, //-destkeypass
+        {"destination.keystore.name",
+                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u540D\u7A31"}, //-destkeystore
+        {"destination.keystore.password.protected",
+                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u4FDD\u8B77"}, //-destprotected
+        {"destination.keystore.provider.name",
+                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u63D0\u4F9B\u8005\u540D\u7A31"}, //-destprovidername
+        {"destination.keystore.password",
+                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC"}, //-deststorepass
+        {"destination.keystore.type",
+                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B"}, //-deststoretype
+        {"distinguished.name",
+                "\u8FA8\u5225\u540D\u7A31"}, //-dname
+        {"X.509.extension",
+                "X.509 \u64F4\u5145\u5957\u4EF6"}, //-ext
+        {"output.file.name",
+                "\u8F38\u51FA\u6A94\u6848\u540D\u7A31"}, //-file and -outfile
+        {"input.file.name",
+                "\u8F38\u5165\u6A94\u6848\u540D\u7A31"}, //-file and -infile
+        {"key.algorithm.name",
+                "\u91D1\u9470\u6F14\u7B97\u6CD5\u540D\u7A31"}, //-keyalg
+        {"key.password",
+                "\u91D1\u9470\u5BC6\u78BC"}, //-keypass
+        {"key.bit.size",
+                "\u91D1\u9470\u4F4D\u5143\u5927\u5C0F"}, //-keysize
+        {"keystore.name",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u540D\u7A31"}, //-keystore
+        {"new.password",
+                "\u65B0\u5BC6\u78BC"}, //-new
+        {"do.not.prompt",
+                "\u4E0D\u8981\u63D0\u793A"}, //-noprompt
+        {"password.through.protected.mechanism",
+                "\u7D93\u7531\u4FDD\u8B77\u6A5F\u5236\u7684\u5BC6\u78BC"}, //-protected
+        {"provider.argument",
+                "\u63D0\u4F9B\u8005\u5F15\u6578"}, //-providerarg
+        {"provider.class.name",
+                "\u63D0\u4F9B\u8005\u985E\u5225\u540D\u7A31"}, //-providerclass
+        {"provider.name",
+                "\u63D0\u4F9B\u8005\u540D\u7A31"}, //-providername
+        {"provider.classpath",
+                "\u63D0\u4F9B\u8005\u985E\u5225\u8DEF\u5F91"}, //-providerpath
+        {"output.in.RFC.style",
+                "\u4EE5 RFC \u6A23\u5F0F\u8F38\u51FA"}, //-rfc
+        {"signature.algorithm.name",
+                "\u7C3D\u7AE0\u6F14\u7B97\u6CD5\u540D\u7A31"}, //-sigalg
+        {"source.alias",
+                "\u4F86\u6E90\u5225\u540D"}, //-srcalias
+        {"source.key.password",
+                "\u4F86\u6E90\u91D1\u9470\u5BC6\u78BC"}, //-srckeypass
+        {"source.keystore.name",
+                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u540D\u7A31"}, //-srckeystore
+        {"source.keystore.password.protected",
+                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u4FDD\u8B77"}, //-srcprotected
+        {"source.keystore.provider.name",
+                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u63D0\u4F9B\u8005\u540D\u7A31"}, //-srcprovidername
+        {"source.keystore.password",
+                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC"}, //-srcstorepass
+        {"source.keystore.type",
+                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B"}, //-srcstoretype
+        {"SSL.server.host.and.port",
+                "SSL \u4F3A\u670D\u5668\u4E3B\u6A5F\u8207\u9023\u63A5\u57E0"}, //-sslserver
+        {"signed.jar.file",
+                "\u7C3D\u7F72\u7684 jar \u6A94\u6848"}, //=jarfile
+        {"certificate.validity.start.date.time",
+                "\u6191\u8B49\u6709\u6548\u6027\u958B\u59CB\u65E5\u671F/\u6642\u9593"}, //-startdate
+        {"keystore.password",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC"}, //-storepass
+        {"keystore.type",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B"}, //-storetype
+        {"trust.certificates.from.cacerts",
+                "\u4F86\u81EA cacerts \u7684\u4FE1\u4EFB\u6191\u8B49"}, //-trustcacerts
+        {"verbose.output",
+                "\u8A73\u7D30\u8CC7\u8A0A\u8F38\u51FA"}, //-v
+        {"validity.number.of.days",
+                "\u6709\u6548\u6027\u65E5\u6578"}, //-validity
+        {"Serial.ID.of.cert.to.revoke",
+                 "\u8981\u64A4\u92B7\u6191\u8B49\u7684\u5E8F\u5217 ID"}, //-id
+        // keytool: Running part
+        {"keytool.error.", "\u91D1\u9470\u5DE5\u5177\u932F\u8AA4: "},
+        {"Illegal.option.", "\u7121\u6548\u7684\u9078\u9805:"},
+        {"Illegal.value.", "\u7121\u6548\u503C: "},
+        {"Unknown.password.type.", "\u4E0D\u660E\u7684\u5BC6\u78BC\u985E\u578B: "},
+        {"Cannot.find.environment.variable.",
+                "\u627E\u4E0D\u5230\u74B0\u5883\u8B8A\u6578: "},
+        {"Cannot.find.file.", "\u627E\u4E0D\u5230\u6A94\u6848: "},
+        {"Command.option.flag.needs.an.argument.", "\u547D\u4EE4\u9078\u9805 {0} \u9700\u8981\u5F15\u6578\u3002"},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
+                "\u8B66\u544A: PKCS12 \u91D1\u9470\u5132\u5B58\u5EAB\u4E0D\u652F\u63F4\u4E0D\u540C\u7684\u5132\u5B58\u5EAB\u548C\u91D1\u9470\u5BC6\u78BC\u3002\u5FFD\u7565\u4F7F\u7528\u8005\u6307\u5B9A\u7684 {0} \u503C\u3002"},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
+                "\u5982\u679C -storetype \u70BA {0}\uFF0C\u5247 -keystore \u5FC5\u9808\u70BA NONE"},
+        {"Too.many.retries.program.terminated",
+                 "\u91CD\u8A66\u6B21\u6578\u592A\u591A\uFF0C\u7A0B\u5F0F\u5DF2\u7D42\u6B62"},
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
+                "\u5982\u679C -storetype \u70BA {0}\uFF0C\u5247\u4E0D\u652F\u63F4 -storepasswd \u548C -keypasswd \u547D\u4EE4"},
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
+                "\u5982\u679C -storetype \u70BA PKCS12\uFF0C\u5247\u4E0D\u652F\u63F4 -keypasswd \u547D\u4EE4"},
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
+                "\u5982\u679C -storetype \u70BA {0}\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -keypass \u548C -new"},
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
+                "\u5982\u679C\u6307\u5B9A -protected\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -storepass\u3001-keypass \u548C -new"},
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "\u5982\u679C\u6307\u5B9A -srcprotected\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -srcstorepass \u548C -srckeypass"},
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
+                "\u5982\u679C\u91D1\u9470\u5132\u5B58\u5EAB\u4E0D\u53D7\u5BC6\u78BC\u4FDD\u8B77\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -storepass\u3001-keypass \u548C -new"},
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
+                "\u5982\u679C\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u4E0D\u53D7\u5BC6\u78BC\u4FDD\u8B77\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -srcstorepass \u548C -srckeypass"},
+        {"Illegal.startdate.value", "\u7121\u6548\u7684 startdate \u503C"},
+        {"Validity.must.be.greater.than.zero",
+                "\u6709\u6548\u6027\u5FC5\u9808\u5927\u65BC\u96F6"},
+        {"provName.not.a.provider", "{0} \u4E0D\u662F\u4E00\u500B\u63D0\u4F9B\u8005"},
+        {"Usage.error.no.command.provided", "\u7528\u6CD5\u932F\u8AA4: \u672A\u63D0\u4F9B\u547D\u4EE4"},
+        {"Source.keystore.file.exists.but.is.empty.", "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u6A94\u6848\u5B58\u5728\uFF0C\u4F46\u70BA\u7A7A: "},
+        {"Please.specify.srckeystore", "\u8ACB\u6307\u5B9A -srckeystore"},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
+                " 'list' \u547D\u4EE4\u4E0D\u80FD\u540C\u6642\u6307\u5B9A -v \u53CA -rfc"},
+        {"Key.password.must.be.at.least.6.characters",
+                "\u91D1\u9470\u5BC6\u78BC\u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
+        {"New.password.must.be.at.least.6.characters",
+                "\u65B0\u7684\u5BC6\u78BC\u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
+        {"Keystore.file.exists.but.is.empty.",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u6A94\u6848\u5B58\u5728\uFF0C\u4F46\u70BA\u7A7A\u767D: "},
+        {"Keystore.file.does.not.exist.",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u6A94\u6848\u4E0D\u5B58\u5728: "},
+        {"Must.specify.destination.alias", "\u5FC5\u9808\u6307\u5B9A\u76EE\u7684\u5730\u5225\u540D"},
+        {"Must.specify.alias", "\u5FC5\u9808\u6307\u5B9A\u5225\u540D"},
+        {"Keystore.password.must.be.at.least.6.characters",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
+        {"Enter.keystore.password.", "\u8F38\u5165\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC:  "},
+        {"Enter.source.keystore.password.", "\u8ACB\u8F38\u5165\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC: "},
+        {"Enter.destination.keystore.password.", "\u8ACB\u8F38\u5165\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC: "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
+         "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u592A\u77ED - \u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
+        {"Unknown.Entry.Type", "\u4E0D\u660E\u7684\u9805\u76EE\u985E\u578B"},
+        {"Too.many.failures.Alias.not.changed", "\u592A\u591A\u932F\u8AA4\u3002\u672A\u8B8A\u66F4\u5225\u540D"},
+        {"Entry.for.alias.alias.successfully.imported.",
+                 "\u5DF2\u6210\u529F\u532F\u5165\u5225\u540D {0} \u7684\u9805\u76EE\u3002"},
+        {"Entry.for.alias.alias.not.imported.", "\u672A\u532F\u5165\u5225\u540D {0} \u7684\u9805\u76EE\u3002"},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
+                 "\u532F\u5165\u5225\u540D {0} \u7684\u9805\u76EE\u6642\u51FA\u73FE\u554F\u984C: {1}\u3002\n\u672A\u532F\u5165\u5225\u540D {0} \u7684\u9805\u76EE\u3002"},
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
+                 "\u5DF2\u5B8C\u6210\u532F\u5165\u547D\u4EE4: \u6210\u529F\u532F\u5165 {0} \u500B\u9805\u76EE\uFF0C{1} \u500B\u9805\u76EE\u5931\u6557\u6216\u5DF2\u53D6\u6D88"},
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
+                 "\u8B66\u544A: \u6B63\u5728\u8986\u5BEB\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684\u73FE\u6709\u5225\u540D {0}"},
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
+                 "\u73FE\u6709\u9805\u76EE\u5225\u540D {0} \u5B58\u5728\uFF0C\u662F\u5426\u8986\u5BEB\uFF1F[\u5426]:  "},
+        {"Too.many.failures.try.later", "\u592A\u591A\u932F\u8AA4 - \u8ACB\u7A0D\u5F8C\u518D\u8A66"},
+        {"Certification.request.stored.in.file.filename.",
+                "\u8A8D\u8B49\u8981\u6C42\u5132\u5B58\u5728\u6A94\u6848 <{0}>"},
+        {"Submit.this.to.your.CA", "\u5C07\u6B64\u9001\u51FA\u81F3\u60A8\u7684 CA"},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
+            "\u5982\u679C\u672A\u6307\u5B9A\u5225\u540D\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A destalias\u3001srckeypass \u53CA destkeypass"},
+        {"Certificate.stored.in.file.filename.",
+                "\u6191\u8B49\u5132\u5B58\u5728\u6A94\u6848 <{0}>"},
+        {"Certificate.reply.was.installed.in.keystore",
+                "\u6191\u8B49\u56DE\u8986\u5DF2\u5B89\u88DD\u5728\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D"},
+        {"Certificate.reply.was.not.installed.in.keystore",
+                "\u6191\u8B49\u56DE\u8986\u672A\u5B89\u88DD\u5728\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D"},
+        {"Certificate.was.added.to.keystore",
+                "\u6191\u8B49\u5DF2\u65B0\u589E\u81F3\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D"},
+        {"Certificate.was.not.added.to.keystore",
+                "\u6191\u8B49\u672A\u65B0\u589E\u81F3\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D"},
+        {".Storing.ksfname.", "[\u5132\u5B58 {0}]"},
+        {"alias.has.no.public.key.certificate.",
+                "{0} \u6C92\u6709\u516C\u958B\u91D1\u9470 (\u6191\u8B49)"},
+        {"Cannot.derive.signature.algorithm",
+                "\u7121\u6CD5\u53D6\u5F97\u7C3D\u7AE0\u6F14\u7B97\u6CD5"},
+        {"Alias.alias.does.not.exist",
+                "\u5225\u540D <{0}> \u4E0D\u5B58\u5728"},
+        {"Alias.alias.has.no.certificate",
+                "\u5225\u540D <{0}> \u6C92\u6709\u6191\u8B49"},
+        {"Key.pair.not.generated.alias.alias.already.exists",
+                "\u6C92\u6709\u5EFA\u7ACB\u91D1\u9470\u7D44\uFF0C\u5225\u540D <{0}> \u5DF2\u7D93\u5B58\u5728"},
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
+                "\u91DD\u5C0D {4} \u7522\u751F\u6709\u6548\u671F {3} \u5929\u7684 {0} \u4F4D\u5143 {1} \u91D1\u9470\u7D44\u4EE5\u53CA\u81EA\u6211\u7C3D\u7F72\u6191\u8B49 ({2})\n\t"},
+        {"Enter.key.password.for.alias.", "\u8F38\u5165 <{0}> \u7684\u91D1\u9470\u5BC6\u78BC"},
+        {".RETURN.if.same.as.keystore.password.",
+                "\t(RETURN \u5982\u679C\u548C\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u76F8\u540C):  "},
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
+                "\u91D1\u9470\u5BC6\u78BC\u592A\u77ED - \u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
+        {"Too.many.failures.key.not.added.to.keystore",
+                "\u592A\u591A\u932F\u8AA4 - \u91D1\u9470\u672A\u65B0\u589E\u81F3\u91D1\u9470\u5132\u5B58\u5EAB"},
+        {"Destination.alias.dest.already.exists",
+                "\u76EE\u7684\u5730\u5225\u540D <{0}> \u5DF2\u7D93\u5B58\u5728"},
+        {"Password.is.too.short.must.be.at.least.6.characters",
+                "\u5BC6\u78BC\u592A\u77ED - \u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
+        {"Too.many.failures.Key.entry.not.cloned",
+                "\u592A\u591A\u932F\u8AA4\u3002\u672A\u8907\u88FD\u91D1\u9470\u9805\u76EE"},
+        {"key.password.for.alias.", "<{0}> \u7684\u91D1\u9470\u5BC6\u78BC"},
+        {"Keystore.entry.for.id.getName.already.exists",
+                "<{0}> \u7684\u91D1\u9470\u5132\u5B58\u5EAB\u9805\u76EE\u5DF2\u7D93\u5B58\u5728"},
+        {"Creating.keystore.entry.for.id.getName.",
+                "\u5EFA\u7ACB <{0}> \u7684\u91D1\u9470\u5132\u5B58\u5EAB\u9805\u76EE..."},
+        {"No.entries.from.identity.database.added",
+                "\u6C92\u6709\u65B0\u589E\u4F86\u81EA\u8B58\u5225\u8CC7\u6599\u5EAB\u7684\u9805\u76EE"},
+        {"Alias.name.alias", "\u5225\u540D\u540D\u7A31: {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
+                "\u5EFA\u7ACB\u65E5\u671F: {0,date}"},
+        {"alias.keyStore.getCreationDate.alias.",
+                "{0}, {1,date}, "},
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "\u9805\u76EE\u985E\u578B: {0}"},
+        {"Certificate.chain.length.", "\u6191\u8B49\u93C8\u9577\u5EA6: "},
+        {"Certificate.i.1.", "\u6191\u8B49 [{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "\u6191\u8B49\u6307\u7D0B (SHA1): "},
+        {"Keystore.type.", "\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B: "},
+        {"Keystore.provider.", "\u91D1\u9470\u5132\u5B58\u5EAB\u63D0\u4F9B\u8005: "},
+        {"Your.keystore.contains.keyStore.size.entry",
+                "\u60A8\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u5305\u542B {0,number,integer} \u9805\u76EE"},
+        {"Your.keystore.contains.keyStore.size.entries",
+                "\u60A8\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u5305\u542B {0,number,integer} \u9805\u76EE"},
+        {"Failed.to.parse.input", "\u7121\u6CD5\u5256\u6790\u8F38\u5165"},
+        {"Empty.input", "\u7A7A\u8F38\u5165"},
+        {"Not.X.509.certificate", "\u975E X.509 \u6191\u8B49"},
+        {"alias.has.no.public.key", "{0} \u7121\u516C\u958B\u91D1\u9470"},
+        {"alias.has.no.X.509.certificate", "{0} \u7121 X.509 \u6191\u8B49"},
+        {"New.certificate.self.signed.", "\u65B0\u6191\u8B49 (\u81EA\u6211\u7C3D\u7F72): "},
+        {"Reply.has.no.certificates", "\u56DE\u8986\u4E0D\u542B\u6191\u8B49"},
+        {"Certificate.not.imported.alias.alias.already.exists",
+                "\u6191\u8B49\u672A\u8F38\u5165\uFF0C\u5225\u540D <{0}> \u5DF2\u7D93\u5B58\u5728"},
+        {"Input.not.an.X.509.certificate", "\u8F38\u5165\u7684\u4E0D\u662F X.509 \u6191\u8B49"},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
+                "\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684 <{0}> \u5225\u540D\u4E4B\u4E0B\uFF0C\u6191\u8B49\u5DF2\u7D93\u5B58\u5728"},
+        {"Do.you.still.want.to.add.it.no.",
+                "\u60A8\u4ECD\u7136\u60F3\u8981\u5C07\u4E4B\u65B0\u589E\u55CE\uFF1F [\u5426]:  "},
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
+                "\u6574\u500B\u7CFB\u7D71 CA \u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684 <{0}> \u5225\u540D\u4E4B\u4E0B\uFF0C\u6191\u8B49\u5DF2\u7D93\u5B58\u5728"},
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
+                "\u60A8\u4ECD\u7136\u60F3\u8981\u5C07\u4E4B\u65B0\u589E\u81F3\u81EA\u5DF1\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u55CE\uFF1F [\u5426]:  "},
+        {"Trust.this.certificate.no.", "\u4FE1\u4EFB\u9019\u500B\u6191\u8B49\uFF1F [\u5426]:  "},
+        {"YES", "\u662F"},
+        {"New.prompt.", "\u65B0 {0}: "},
+        {"Passwords.must.differ", "\u5FC5\u9808\u662F\u4E0D\u540C\u7684\u5BC6\u78BC"},
+        {"Re.enter.new.prompt.", "\u91CD\u65B0\u8F38\u5165\u65B0 {0}: "},
+        {"Re.enter.new.password.", "\u91CD\u65B0\u8F38\u5165\u65B0\u5BC6\u78BC: "},
+        {"They.don.t.match.Try.again", "\u5B83\u5011\u4E0D\u76F8\u7B26\u3002\u8ACB\u91CD\u8A66"},
+        {"Enter.prompt.alias.name.", "\u8F38\u5165 {0} \u5225\u540D\u540D\u7A31:  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
+                 "\u8ACB\u8F38\u5165\u65B0\u7684\u5225\u540D\u540D\u7A31\t(RETURN \u4EE5\u53D6\u6D88\u532F\u5165\u6B64\u9805\u76EE):"},
+        {"Enter.alias.name.", "\u8F38\u5165\u5225\u540D\u540D\u7A31:  "},
+        {".RETURN.if.same.as.for.otherAlias.",
+                "\t(RETURN \u5982\u679C\u548C <{0}> \u7684\u76F8\u540C)"},
+        {".PATTERN.printX509Cert",
+                "\u64C1\u6709\u8005: {0}\n\u767C\u51FA\u8005: {1}\n\u5E8F\u865F: {2}\n\u6709\u6548\u671F\u81EA: {3} \u5230: {4}\n\u6191\u8B49\u6307\u7D0B:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t \u7C3D\u7AE0\u6F14\u7B97\u6CD5\u540D\u7A31: {8}\n\t \u7248\u672C: {9}"},
+        {"What.is.your.first.and.last.name.",
+                "\u60A8\u7684\u540D\u5B57\u8207\u59D3\u6C0F\u70BA\u4F55\uFF1F"},
+        {"What.is.the.name.of.your.organizational.unit.",
+                "\u60A8\u7684\u7D44\u7E54\u55AE\u4F4D\u540D\u7A31\u70BA\u4F55\uFF1F"},
+        {"What.is.the.name.of.your.organization.",
+                "\u60A8\u7684\u7D44\u7E54\u540D\u7A31\u70BA\u4F55\uFF1F"},
+        {"What.is.the.name.of.your.City.or.Locality.",
+                "\u60A8\u6240\u5728\u7684\u57CE\u5E02\u6216\u5730\u5340\u540D\u7A31\u70BA\u4F55\uFF1F"},
+        {"What.is.the.name.of.your.State.or.Province.",
+                "\u60A8\u6240\u5728\u7684\u5DDE\u53CA\u7701\u4EFD\u540D\u7A31\u70BA\u4F55\uFF1F"},
+        {"What.is.the.two.letter.country.code.for.this.unit.",
+                "\u6B64\u55AE\u4F4D\u7684\u5169\u500B\u5B57\u6BCD\u570B\u5225\u4EE3\u78BC\u70BA\u4F55\uFF1F"},
+        {"Is.name.correct.", "{0} \u6B63\u78BA\u55CE\uFF1F"},
+        {"no", "\u5426"},
+        {"yes", "\u662F"},
+        {"y", "y"},
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
+                "\u5225\u540D <{0}> \u6C92\u6709\u91D1\u9470"},
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
+                 "\u5225\u540D <{0}> \u6240\u53C3\u7167\u7684\u9805\u76EE\u4E0D\u662F\u79C1\u5BC6\u91D1\u9470\u985E\u578B\u3002-keyclone \u547D\u4EE4\u50C5\u652F\u63F4\u79C1\u5BC6\u91D1\u9470\u9805\u76EE\u7684\u8907\u88FD"},
+
+        {".WARNING.WARNING.WARNING.",
+            "*****************  \u8B66\u544A \u8B66\u544A \u8B66\u544A  *****************"},
+        {"Signer.d.", "\u7C3D\u7F72\u8005 #%d:"},
+        {"Timestamp.", "\u6642\u6233:"},
+        {"Signature.", "\u7C3D\u7AE0:"},
+        {"CRLs.", "CRL:"},
+        {"Certificate.owner.", "\u6191\u8B49\u64C1\u6709\u8005: "},
+        {"Not.a.signed.jar.file", "\u4E0D\u662F\u7C3D\u7F72\u7684 jar \u6A94\u6848"},
+        {"No.certificate.from.the.SSL.server",
+                "\u6C92\u6709\u4F86\u81EA SSL \u4F3A\u670D\u5668\u7684\u6191\u8B49"},
+
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
+            "* \u5C1A\u672A\u9A57\u8B49\u5132\u5B58\u65BC\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u8CC7\u8A0A  *\n* \u7684\u5B8C\u6574\u6027\uFF01\u82E5\u8981\u9A57\u8B49\u5176\u5B8C\u6574\u6027\uFF0C*\n* \u60A8\u5FC5\u9808\u63D0\u4F9B\u60A8\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u3002                  *"},
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
+            "* \u5C1A\u672A\u9A57\u8B49\u5132\u5B58\u65BC srckeystore \u4E2D\u8CC7\u8A0A*\n* \u7684\u5B8C\u6574\u6027\uFF01\u82E5\u8981\u9A57\u8B49\u5176\u5B8C\u6574\u6027\uFF0C\u60A8\u5FC5\u9808 *\n* \u63D0\u4F9B srckeystore \u5BC6\u78BC\u3002          *"},
+
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
+                "\u6191\u8B49\u56DE\u8986\u4E26\u672A\u5305\u542B <{0}> \u7684\u516C\u958B\u91D1\u9470"},
+        {"Incomplete.certificate.chain.in.reply",
+                "\u56DE\u8986\u6642\u7684\u6191\u8B49\u93C8\u4E0D\u5B8C\u6574"},
+        {"Certificate.chain.in.reply.does.not.verify.",
+                "\u56DE\u8986\u6642\u7684\u6191\u8B49\u93C8\u672A\u9A57\u8B49: "},
+        {"Top.level.certificate.in.reply.",
+                "\u56DE\u8986\u6642\u7684\u6700\u9AD8\u7D1A\u6191\u8B49:\\n"},
+        {".is.not.trusted.", "... \u662F\u4E0D\u88AB\u4FE1\u4EFB\u7684\u3002"},
+        {"Install.reply.anyway.no.", "\u9084\u662F\u8981\u5B89\u88DD\u56DE\u8986\uFF1F [\u5426]:  "},
+        {"NO", "\u5426"},
+        {"Public.keys.in.reply.and.keystore.don.t.match",
+                "\u56DE\u8986\u6642\u7684\u516C\u958B\u91D1\u9470\u8207\u91D1\u9470\u5132\u5B58\u5EAB\u4E0D\u7B26"},
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
+                "\u6191\u8B49\u56DE\u8986\u8207\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684\u6191\u8B49\u662F\u76F8\u540C\u7684"},
+        {"Failed.to.establish.chain.from.reply",
+                "\u7121\u6CD5\u5F9E\u56DE\u8986\u4E2D\u5C07\u93C8\u5EFA\u7ACB\u8D77\u4F86"},
+        {"n", "n"},
+        {"Wrong.answer.try.again", "\u932F\u8AA4\u7684\u7B54\u6848\uFF0C\u8ACB\u518D\u8A66\u4E00\u6B21"},
+        {"Secret.key.not.generated.alias.alias.already.exists",
+                "\u672A\u7522\u751F\u79D8\u5BC6\u91D1\u9470\uFF0C\u5225\u540D <{0}> \u5DF2\u5B58\u5728"},
+        {"Please.provide.keysize.for.secret.key.generation",
+                "\u8ACB\u63D0\u4F9B -keysize \u4EE5\u7522\u751F\u79D8\u5BC6\u91D1\u9470"},
+
+        {"Extensions.", "\u64F4\u5145\u5957\u4EF6: "},
+        {".Empty.value.", "(\u7A7A\u767D\u503C)"},
+        {"Extension.Request.", "\u64F4\u5145\u5957\u4EF6\u8981\u6C42:"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
+                "PKCS #10 \u6191\u8B49\u8981\u6C42 (\u7248\u672C 1.0)\n\u4E3B\u9AD4: %s\n\u516C\u7528\u91D1\u9470: %s \u683C\u5F0F %s \u91D1\u9470\n"},
+        {"Unknown.keyUsage.type.", "\u4E0D\u660E\u7684 keyUsage \u985E\u578B: "},
+        {"Unknown.extendedkeyUsage.type.", "\u4E0D\u660E\u7684 extendedkeyUsage \u985E\u578B: "},
+        {"Unknown.AccessDescription.type.", "\u4E0D\u660E\u7684 AccessDescription \u985E\u578B: "},
+        {"Unrecognized.GeneralName.type.", "\u7121\u6CD5\u8FA8\u8B58\u7684 GeneralName \u985E\u578B: "},
+        {"This.extension.cannot.be.marked.as.critical.",
+                 "\u6B64\u64F4\u5145\u5957\u4EF6\u7121\u6CD5\u6A19\u793A\u70BA\u95DC\u9375\u3002"},
+        {"Odd.number.of.hex.digits.found.", "\u627E\u5230\u5341\u516D\u9032\u4F4D\u6578\u5B57\u7684\u5947\u6578: "},
+        {"Unknown.extension.type.", "\u4E0D\u660E\u7684\u64F4\u5145\u5957\u4EF6\u985E\u578B: "},
+        {"command.{0}.is.ambiguous.", "\u547D\u4EE4 {0} \u4E0D\u660E\u78BA:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- a/jdk/src/share/classes/sun/security/tools/policytool/PolicyTool.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/tools/policytool/PolicyTool.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -60,7 +60,8 @@
 
     // for i18n
     static final java.util.ResourceBundle rb =
-        java.util.ResourceBundle.getBundle("sun.security.util.Resources");
+        java.util.ResourceBundle.getBundle(
+            "sun.security.tools.policytool.Resources");
     static final Collator collator = Collator.getInstance();
     static {
         // this is for case insensitive string comparisons
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/Resources.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,161 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.policytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the policytool.
+ *
+ */
+public class Resources extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
+                "Warning: A public key for alias {0} does not exist.  Make sure a KeyStore is properly configured."},
+        {"Warning.Class.not.found.class", "Warning: Class not found: {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
+                "Warning: Invalid argument(s) for constructor: {0}"},
+        {"Illegal.Principal.Type.type", "Illegal Principal Type: {0}"},
+        {"Illegal.option.option", "Illegal option: {0}"},
+        {"Usage.policytool.options.", "Usage: policytool [options]"},
+        {".file.file.policy.file.location",
+                "  [-file <file>]    policy file location"},
+        {"New", "New"},
+        {"Open", "Open"},
+        {"Save", "Save"},
+        {"Save.As", "Save As"},
+        {"View.Warning.Log", "View Warning Log"},
+        {"Exit", "Exit"},
+        {"Add.Policy.Entry", "Add Policy Entry"},
+        {"Edit.Policy.Entry", "Edit Policy Entry"},
+        {"Remove.Policy.Entry", "Remove Policy Entry"},
+        {"Edit", "Edit"},
+        {"Retain", "Retain"},
+
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
+            "Warning: File name may include escaped backslash characters. " +
+                        "It is not necessary to escape backslash characters " +
+                        "(the tool escapes characters as necessary when writing " +
+                        "the policy contents to the persistent store).\n\n" +
+                        "Click on Retain to retain the entered name, or click on " +
+                        "Edit to edit the name."},
+
+        {"Add.Public.Key.Alias", "Add Public Key Alias"},
+        {"Remove.Public.Key.Alias", "Remove Public Key Alias"},
+        {"File", "File"},
+        {"KeyStore", "KeyStore"},
+        {"Policy.File.", "Policy File:"},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
+                "Could not open policy file: {0}: {1}"},
+        {"Policy.Tool", "Policy Tool"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
+                "Errors have occurred while opening the policy configuration.  View the Warning Log for more information."},
+        {"Error", "Error"},
+        {"OK", "OK"},
+        {"Status", "Status"},
+        {"Warning", "Warning"},
+        {"Permission.",
+                "Permission:                                                       "},
+        {"Principal.Type.", "Principal Type:"},
+        {"Principal.Name.", "Principal Name:"},
+        {"Target.Name.",
+                "Target Name:                                                    "},
+        {"Actions.",
+                "Actions:                                                             "},
+        {"OK.to.overwrite.existing.file.filename.",
+                "OK to overwrite existing file {0}?"},
+        {"Cancel", "Cancel"},
+        {"CodeBase.", "CodeBase:"},
+        {"SignedBy.", "SignedBy:"},
+        {"Add.Principal", "Add Principal"},
+        {"Edit.Principal", "Edit Principal"},
+        {"Remove.Principal", "Remove Principal"},
+        {"Principals.", "Principals:"},
+        {".Add.Permission", "  Add Permission"},
+        {".Edit.Permission", "  Edit Permission"},
+        {"Remove.Permission", "Remove Permission"},
+        {"Done", "Done"},
+        {"KeyStore.URL.", "KeyStore URL:"},
+        {"KeyStore.Type.", "KeyStore Type:"},
+        {"KeyStore.Provider.", "KeyStore Provider:"},
+        {"KeyStore.Password.URL.", "KeyStore Password URL:"},
+        {"Principals", "Principals"},
+        {".Edit.Principal.", "  Edit Principal:"},
+        {".Add.New.Principal.", "  Add New Principal:"},
+        {"Permissions", "Permissions"},
+        {".Edit.Permission.", "  Edit Permission:"},
+        {".Add.New.Permission.", "  Add New Permission:"},
+        {"Signed.By.", "Signed By:"},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
+            "Cannot Specify Principal with a Wildcard Class without a Wildcard Name"},
+        {"Cannot.Specify.Principal.without.a.Name",
+            "Cannot Specify Principal without a Name"},
+        {"Permission.and.Target.Name.must.have.a.value",
+                "Permission and Target Name must have a value"},
+        {"Remove.this.Policy.Entry.", "Remove this Policy Entry?"},
+        {"Overwrite.File", "Overwrite File"},
+        {"Policy.successfully.written.to.filename",
+                "Policy successfully written to {0}"},
+        {"null.filename", "null filename"},
+        {"Save.changes.", "Save changes?"},
+        {"Yes", "Yes"},
+        {"No", "No"},
+        {"Policy.Entry", "Policy Entry"},
+        {"Save.Changes", "Save Changes"},
+        {"No.Policy.Entry.selected", "No Policy Entry selected"},
+        {"Unable.to.open.KeyStore.ex.toString.",
+                "Unable to open KeyStore: {0}"},
+        {"No.principal.selected", "No principal selected"},
+        {"No.permission.selected", "No permission selected"},
+        {"name", "name"},
+        {"configuration.type", "configuration type"},
+        {"environment.variable.name", "environment variable name"},
+        {"library.name", "library name"},
+        {"package.name", "package name"},
+        {"policy.type", "policy type"},
+        {"property.name", "property name"},
+        {"provider.name", "provider name"},
+        {"Principal.List", "Principal List"},
+        {"Permission.List", "Permission List"},
+        {"Code.Base", "Code Base"},
+        {"KeyStore.U.R.L.", "KeyStore U R L:"},
+        {"KeyStore.Password.U.R.L.", "KeyStore Password U R L:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/Resources_de.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.policytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the policytool.
+ *
+ */
+public class Resources_de extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
+                "Warnung: Kein Public Key f\u00FCr Alias {0} vorhanden. Vergewissern Sie sich, dass der KeyStore ordnungsgem\u00E4\u00DF konfiguriert ist."},
+        {"Warning.Class.not.found.class", "Warnung: Klasse nicht gefunden: {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
+                "Warnung: Ung\u00FCltige(s) Argument(e) f\u00FCr Constructor: {0}"},
+        {"Illegal.Principal.Type.type", "Ung\u00FCltiger Principal-Typ: {0}"},
+        {"Illegal.option.option", "Ung\u00FCltige Option: {0}"},
+        {"Usage.policytool.options.", "Verwendung: policytool [Optionen]"},
+        {".file.file.policy.file.location",
+                " [-file <Datei>]    Policy-Dateiverzeichnis"},
+        {"New", "Neu"},
+        {"Open", "\u00D6ffnen"},
+        {"Save", "Speichern"},
+        {"Save.As", "Speichern unter"},
+        {"View.Warning.Log", "Warnungslog anzeigen"},
+        {"Exit", "Beenden"},
+        {"Add.Policy.Entry", "Policy-Eintrag hinzuf\u00FCgen"},
+        {"Edit.Policy.Entry", "Policy-Eintrag bearbeiten"},
+        {"Remove.Policy.Entry", "Policy-Eintrag entfernen"},
+        {"Edit", "Bearbeiten"},
+        {"Retain", "Beibehalten"},
+
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
+            "Warnung: M\u00F6glicherweise enth\u00E4lt der Dateiname Escape-Zeichen mit Backslash. Es ist nicht notwendig, Backslash-Zeichen zu escapen (das Tool f\u00FChrt dies automatisch beim Schreiben des Policy-Contents in den persistenten Speicher aus).\n\nKlicken Sie auf \"Beibehalten\", um den eingegebenen Namen beizubehalten oder auf \"Bearbeiten\", um den Namen zu bearbeiten."},
+
+        {"Add.Public.Key.Alias", "Public Key-Alias hinzuf\u00FCgen"},
+        {"Remove.Public.Key.Alias", "Public Key-Alias entfernen"},
+        {"File", "Datei"},
+        {"KeyStore", "KeyStore"},
+        {"Policy.File.", "Policy-Datei:"},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
+                "Policy-Datei konnte nicht ge\u00F6ffnet werden: {0}: {1}"},
+        {"Policy.Tool", "Policy-Tool"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
+                "Beim \u00D6ffnen der Policy-Konfiguration sind Fehler aufgetreten. Weitere Informationen finden Sie im Warnungslog."},
+        {"Error", "Fehler"},
+        {"OK", "OK"},
+        {"Status", "Status"},
+        {"Warning", "Warnung"},
+        {"Permission.",
+                "Berechtigung:                                                       "},
+        {"Principal.Type.", "Principal-Typ:"},
+        {"Principal.Name.", "Principal-Name:"},
+        {"Target.Name.",
+                "Zielname:                                                    "},
+        {"Actions.",
+                "Aktionen:                                                             "},
+        {"OK.to.overwrite.existing.file.filename.",
+                "Vorhandene Datei {0} \u00FCberschreiben?"},
+        {"Cancel", "Abbrechen"},
+        {"CodeBase.", "CodeBase:"},
+        {"SignedBy.", "SignedBy:"},
+        {"Add.Principal", "Principal hinzuf\u00FCgen"},
+        {"Edit.Principal", "Principal bearbeiten"},
+        {"Remove.Principal", "Principal entfernen"},
+        {"Principals.", "Principals:"},
+        {".Add.Permission", "  Berechtigung hinzuf\u00FCgen"},
+        {".Edit.Permission", "  Berechtigung bearbeiten"},
+        {"Remove.Permission", "Berechtigung entfernen"},
+        {"Done", "Fertig"},
+        {"KeyStore.URL.", "KeyStore-URL:"},
+        {"KeyStore.Type.", "KeyStore-Typ:"},
+        {"KeyStore.Provider.", "KeyStore-Provider:"},
+        {"KeyStore.Password.URL.", "KeyStore-Kennwort-URL:"},
+        {"Principals", "Principals"},
+        {".Edit.Principal.", "  Principal bearbeiten:"},
+        {".Add.New.Principal.", "  Neuen Principal hinzuf\u00FCgen:"},
+        {"Permissions", "Berechtigungen"},
+        {".Edit.Permission.", "  Berechtigung bearbeiten:"},
+        {".Add.New.Permission.", "  Neue Berechtigung hinzuf\u00FCgen:"},
+        {"Signed.By.", "Signiert von:"},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
+            "Principal kann nicht mit einer Platzhalterklasse ohne Platzhalternamen angegeben werden"},
+        {"Cannot.Specify.Principal.without.a.Name",
+            "Principal kann nicht ohne einen Namen angegeben werden"},
+        {"Permission.and.Target.Name.must.have.a.value",
+                "Berechtigung und Zielname m\u00FCssen einen Wert haben"},
+        {"Remove.this.Policy.Entry.", "Diesen Policy-Eintrag entfernen?"},
+        {"Overwrite.File", "Datei \u00FCberschreiben"},
+        {"Policy.successfully.written.to.filename",
+                "Policy erfolgreich in {0} geschrieben"},
+        {"null.filename", "Null-Dateiname"},
+        {"Save.changes.", "\u00C4nderungen speichern?"},
+        {"Yes", "Ja"},
+        {"No", "Nein"},
+        {"Policy.Entry", "Policy-Eintrag"},
+        {"Save.Changes", "\u00C4nderungen speichern"},
+        {"No.Policy.Entry.selected", "Kein Policy-Eintrag ausgew\u00E4hlt"},
+        {"Unable.to.open.KeyStore.ex.toString.",
+                "KeyStore kann nicht ge\u00F6ffnet werden: {0}"},
+        {"No.principal.selected", "Kein Principal ausgew\u00E4hlt"},
+        {"No.permission.selected", "Keine Berechtigung ausgew\u00E4hlt"},
+        {"name", "Name"},
+        {"configuration.type", "Konfigurationstyp"},
+        {"environment.variable.name", "Umgebungsvariablenname"},
+        {"library.name", "Library-Name"},
+        {"package.name", "Packagename"},
+        {"policy.type", "Policy-Typ"},
+        {"property.name", "Eigenschaftsname"},
+        {"provider.name", "Providername"},
+        {"Principal.List", "Principal-Liste"},
+        {"Permission.List", "Berechtigungsliste"},
+        {"Code.Base", "Codebase"},
+        {"KeyStore.U.R.L.", "KeyStore-URL:"},
+        {"KeyStore.Password.U.R.L.", "KeyStore-Kennwort-URL:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/Resources_es.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.policytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the policytool.
+ *
+ */
+public class Resources_es extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
+                "Advertencia: no hay clave p\u00FAblica para el alias {0}. Aseg\u00FArese de que se ha configurado correctamente un almac\u00E9n de claves."},
+        {"Warning.Class.not.found.class", "Advertencia: no se ha encontrado la clase: {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
+                "Advertencia: argumento(s) no v\u00E1lido(s) para el constructor: {0}"},
+        {"Illegal.Principal.Type.type", "Tipo de principal no permitido: {0}"},
+        {"Illegal.option.option", "Opci\u00F3n no permitida: {0}"},
+        {"Usage.policytool.options.", "Sintaxis: policytool [opciones]"},
+        {".file.file.policy.file.location",
+                "  [-file <archivo>]    ubicaci\u00F3n del archivo de normas"},
+        {"New", "Nuevo"},
+        {"Open", "Abrir"},
+        {"Save", "Guardar"},
+        {"Save.As", "Guardar como"},
+        {"View.Warning.Log", "Ver Log de Advertencias"},
+        {"Exit", "Salir"},
+        {"Add.Policy.Entry", "Agregar Entrada de Pol\u00EDtica"},
+        {"Edit.Policy.Entry", "Editar Entrada de Pol\u00EDtica"},
+        {"Remove.Policy.Entry", "Eliminar Entrada de Pol\u00EDtica"},
+        {"Edit", "Editar"},
+        {"Retain", "Mantener"},
+
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
+            "Advertencia: el nombre del archivo puede contener caracteres de barra invertida de escape. No es necesario utilizar barras invertidas de escape (la herramienta aplica caracteres de escape seg\u00FAn sea necesario al escribir el contenido de las pol\u00EDticas en el almac\u00E9n persistente).\n\nHaga clic en Mantener para conservar el nombre introducido o en Editar para modificarlo."},
+
+        {"Add.Public.Key.Alias", "Agregar Alias de Clave P\u00FAblico"},
+        {"Remove.Public.Key.Alias", "Eliminar Alias de Clave P\u00FAblico"},
+        {"File", "Archivo"},
+        {"KeyStore", "Almac\u00E9n de Claves"},
+        {"Policy.File.", "Archivo de Pol\u00EDtica:"},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
+                "No se ha podido abrir el archivo de pol\u00EDtica: {0}: {1}"},
+        {"Policy.Tool", "Herramienta de Pol\u00EDticas"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
+                "Ha habido errores al abrir la configuraci\u00F3n de pol\u00EDticas. V\u00E9ase el log de advertencias para obtener m\u00E1s informaci\u00F3n."},
+        {"Error", "Error"},
+        {"OK", "Aceptar"},
+        {"Status", "Estado"},
+        {"Warning", "Advertencia"},
+        {"Permission.",
+                "Permiso:                                                       "},
+        {"Principal.Type.", "Tipo de Principal:"},
+        {"Principal.Name.", "Nombre de Principal:"},
+        {"Target.Name.",
+                "Nombre de Destino:                                                    "},
+        {"Actions.",
+                "Acciones:                                                             "},
+        {"OK.to.overwrite.existing.file.filename.",
+                "\u00BFSobrescribir el archivo existente {0}?"},
+        {"Cancel", "Cancelar"},
+        {"CodeBase.", "CodeBase:"},
+        {"SignedBy.", "SignedBy:"},
+        {"Add.Principal", "Agregar Principal"},
+        {"Edit.Principal", "Editar Principal"},
+        {"Remove.Principal", "Eliminar Principal"},
+        {"Principals.", "Principales:"},
+        {".Add.Permission", "  Agregar Permiso"},
+        {".Edit.Permission", "  Editar Permiso"},
+        {"Remove.Permission", "Eliminar Permiso"},
+        {"Done", "Listo"},
+        {"KeyStore.URL.", "URL de Almac\u00E9n de Claves:"},
+        {"KeyStore.Type.", "Tipo de Almac\u00E9n de Claves:"},
+        {"KeyStore.Provider.", "Proveedor de Almac\u00E9n de Claves:"},
+        {"KeyStore.Password.URL.", "URL de Contrase\u00F1a de Almac\u00E9n de Claves:"},
+        {"Principals", "Principales"},
+        {".Edit.Principal.", "  Editar Principal:"},
+        {".Add.New.Principal.", "  Agregar Nuevo Principal:"},
+        {"Permissions", "Permisos"},
+        {".Edit.Permission.", "  Editar Permiso:"},
+        {".Add.New.Permission.", "  Agregar Permiso Nuevo:"},
+        {"Signed.By.", "Firmado Por:"},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
+            "No se puede especificar un principal con una clase de comod\u00EDn sin un nombre de comod\u00EDn"},
+        {"Cannot.Specify.Principal.without.a.Name",
+            "No se puede especificar el principal sin un nombre"},
+        {"Permission.and.Target.Name.must.have.a.value",
+                "Permiso y Nombre de Destino deben tener un valor"},
+        {"Remove.this.Policy.Entry.", "\u00BFEliminar esta entrada de pol\u00EDtica?"},
+        {"Overwrite.File", "Sobrescribir Archivo"},
+        {"Policy.successfully.written.to.filename",
+                "Pol\u00EDtica escrita correctamente en {0}"},
+        {"null.filename", "nombre de archivo nulo"},
+        {"Save.changes.", "\u00BFGuardar los cambios?"},
+        {"Yes", "S\u00ED"},
+        {"No", "No"},
+        {"Policy.Entry", "Entrada de Pol\u00EDtica"},
+        {"Save.Changes", "Guardar Cambios"},
+        {"No.Policy.Entry.selected", "No se ha seleccionado la entrada de pol\u00EDtica"},
+        {"Unable.to.open.KeyStore.ex.toString.",
+                "No se ha podido abrir el almac\u00E9n de claves: {0}"},
+        {"No.principal.selected", "No se ha seleccionado un principal"},
+        {"No.permission.selected", "No se ha seleccionado un permiso"},
+        {"name", "nombre"},
+        {"configuration.type", "tipo de configuraci\u00F3n"},
+        {"environment.variable.name", "nombre de variable de entorno"},
+        {"library.name", "nombre de la biblioteca"},
+        {"package.name", "nombre del paquete"},
+        {"policy.type", "tipo de pol\u00EDtica"},
+        {"property.name", "nombre de la propiedad"},
+        {"provider.name", "nombre del proveedor"},
+        {"Principal.List", "Lista de Principales"},
+        {"Permission.List", "Lista de Permisos"},
+        {"Code.Base", "Base de C\u00F3digo"},
+        {"KeyStore.U.R.L.", "URL de Almac\u00E9n de Claves:"},
+        {"KeyStore.Password.U.R.L.", "URL de Contrase\u00F1a de Almac\u00E9n de Claves:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/Resources_fr.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.policytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the policytool.
+ *
+ */
+public class Resources_fr extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
+                "Avertissement\u00A0: il n''existe pas de cl\u00E9 publique pour l''alias {0}. V\u00E9rifiez que le fichier de cl\u00E9s d''acc\u00E8s est correctement configur\u00E9."},
+        {"Warning.Class.not.found.class", "Avertissement : classe introuvable - {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
+                "Avertissement\u00A0: arguments non valides pour le constructeur\u00A0- {0}"},
+        {"Illegal.Principal.Type.type", "Type de principal non admis : {0}"},
+        {"Illegal.option.option", "Option non admise : {0}"},
+        {"Usage.policytool.options.", "Syntaxe : policytool [options]"},
+        {".file.file.policy.file.location",
+                "  [-file <file>]    emplacement du fichier de r\u00E8gles"},
+        {"New", "Nouveau"},
+        {"Open", "Ouvrir"},
+        {"Save", "Enregistrer"},
+        {"Save.As", "Enregistrer sous"},
+        {"View.Warning.Log", "Afficher le journal des avertissements"},
+        {"Exit", "Quitter"},
+        {"Add.Policy.Entry", "Ajouter une r\u00E8gle"},
+        {"Edit.Policy.Entry", "Modifier une r\u00E8gle"},
+        {"Remove.Policy.Entry", "Enlever une r\u00E8gle"},
+        {"Edit", "Modifier"},
+        {"Retain", "Conserver"},
+
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
+            "Avertissement : il se peut que le nom de fichier contienne des barres obliques inverses avec caract\u00E8re d'\u00E9chappement. Il n'est pas n\u00E9cessaire d'ajouter un caract\u00E8re d'\u00E9chappement aux barres obliques inverses. L'outil proc\u00E8de \u00E0 l'\u00E9chappement si n\u00E9cessaire lorsqu'il \u00E9crit le contenu des r\u00E8gles dans la zone de stockage persistant).\n\nCliquez sur Conserver pour garder le nom saisi ou sur Modifier pour le remplacer."},
+
+        {"Add.Public.Key.Alias", "Ajouter un alias de cl\u00E9 publique"},
+        {"Remove.Public.Key.Alias", "Enlever un alias de cl\u00E9 publique"},
+        {"File", "Fichier"},
+        {"KeyStore", "Fichier de cl\u00E9s"},
+        {"Policy.File.", "Fichier de r\u00E8gles :"},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
+                "Impossible d''ouvrir le fichier de r\u00E8gles\u00A0: {0}: {1}"},
+        {"Policy.Tool", "Policy Tool"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
+                "Des erreurs se sont produites \u00E0 l'ouverture de la configuration de r\u00E8gles. Pour plus d'informations, consultez le journal des avertissements."},
+        {"Error", "Erreur"},
+        {"OK", "OK"},
+        {"Status", "Statut"},
+        {"Warning", "Avertissement"},
+        {"Permission.",
+                "Droit :                                                       "},
+        {"Principal.Type.", "Type de principal :"},
+        {"Principal.Name.", "Nom de principal :"},
+        {"Target.Name.",
+                "Nom de cible :                                                    "},
+        {"Actions.",
+                "Actions :                                                             "},
+        {"OK.to.overwrite.existing.file.filename.",
+                "Remplacer le fichier existant {0} ?"},
+        {"Cancel", "Annuler"},
+        {"CodeBase.", "Base de code :"},
+        {"SignedBy.", "Sign\u00E9 par :"},
+        {"Add.Principal", "Ajouter un principal"},
+        {"Edit.Principal", "Modifier un principal"},
+        {"Remove.Principal", "Enlever un principal"},
+        {"Principals.", "Principaux :"},
+        {".Add.Permission", "  Ajouter un droit"},
+        {".Edit.Permission", "  Modifier un droit"},
+        {"Remove.Permission", "Enlever un droit"},
+        {"Done", "Termin\u00E9"},
+        {"KeyStore.URL.", "URL du fichier de cl\u00E9s :"},
+        {"KeyStore.Type.", "Type du fichier de cl\u00E9s :"},
+        {"KeyStore.Provider.", "Fournisseur du fichier de cl\u00E9s :"},
+        {"KeyStore.Password.URL.", "URL du mot de passe du fichier de cl\u00E9s :"},
+        {"Principals", "Principaux"},
+        {".Edit.Principal.", "  Modifier un principal :"},
+        {".Add.New.Principal.", "  Ajouter un principal :"},
+        {"Permissions", "Droits"},
+        {".Edit.Permission.", "  Modifier un droit :"},
+        {".Add.New.Permission.", "  Ajouter un droit :"},
+        {"Signed.By.", "Sign\u00E9 par :"},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
+            "Impossible de sp\u00E9cifier un principal avec une classe g\u00E9n\u00E9rique sans nom g\u00E9n\u00E9rique"},
+        {"Cannot.Specify.Principal.without.a.Name",
+            "Impossible de sp\u00E9cifier un principal sans nom"},
+        {"Permission.and.Target.Name.must.have.a.value",
+                "Le droit et le nom de cible doivent avoir une valeur"},
+        {"Remove.this.Policy.Entry.", "Enlever cette r\u00E8gle ?"},
+        {"Overwrite.File", "Remplacer le fichier"},
+        {"Policy.successfully.written.to.filename",
+                "R\u00E8gle \u00E9crite dans {0}"},
+        {"null.filename", "nom de fichier NULL"},
+        {"Save.changes.", "Enregistrer les modifications ?"},
+        {"Yes", "Oui"},
+        {"No", "Non"},
+        {"Policy.Entry", "R\u00E8gle"},
+        {"Save.Changes", "Enregistrer les modifications"},
+        {"No.Policy.Entry.selected", "Aucune r\u00E8gle s\u00E9lectionn\u00E9e"},
+        {"Unable.to.open.KeyStore.ex.toString.",
+                "Impossible d''ouvrir le fichier de cl\u00E9s d''acc\u00E8s : {0}"},
+        {"No.principal.selected", "Aucun principal s\u00E9lectionn\u00E9"},
+        {"No.permission.selected", "Aucun droit s\u00E9lectionn\u00E9"},
+        {"name", "nom"},
+        {"configuration.type", "type de configuration"},
+        {"environment.variable.name", "Nom de variable d'environnement"},
+        {"library.name", "nom de biblioth\u00E8que"},
+        {"package.name", "nom de package"},
+        {"policy.type", "type de r\u00E8gle"},
+        {"property.name", "nom de propri\u00E9t\u00E9"},
+        {"provider.name", "nom du fournisseur"},
+        {"Principal.List", "Liste de principaux"},
+        {"Permission.List", "Liste de droits"},
+        {"Code.Base", "Base de code"},
+        {"KeyStore.U.R.L.", "URL du fichier de cl\u00E9s :"},
+        {"KeyStore.Password.U.R.L.", "URL du mot de passe du fichier de cl\u00E9s :"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/Resources_it.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.policytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the policytool.
+ *
+ */
+public class Resources_it extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
+                "Avvertenza: non esiste una chiave pubblica per l''alias {0}. Verificare che il keystore sia configurato correttamente."},
+        {"Warning.Class.not.found.class", "Avvertenza: classe non trovata: {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
+                "Avvertenza: argomento o argomenti non validi per il costruttore {0}"},
+        {"Illegal.Principal.Type.type", "Tipo principal non valido: {0}"},
+        {"Illegal.option.option", "Opzione non valida: {0}"},
+        {"Usage.policytool.options.", "Utilizzo: policytool [opzioni]"},
+        {".file.file.policy.file.location",
+                "  [-file <file>]    posizione del file dei criteri"},
+        {"New", "Nuovo"},
+        {"Open", "Apri"},
+        {"Save", "Salva"},
+        {"Save.As", "Salva con nome"},
+        {"View.Warning.Log", "Visualizza registro avvertenze"},
+        {"Exit", "Esci"},
+        {"Add.Policy.Entry", "Aggiungi voce dei criteri"},
+        {"Edit.Policy.Entry", "Modifica voce dei criteri"},
+        {"Remove.Policy.Entry", "Rimuovi voce dei criteri"},
+        {"Edit", "Modifica"},
+        {"Retain", "Mantieni"},
+
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
+            "Avvertenza: il nome file pu\u00F2 includere barre rovesciate con escape. Non \u00E8 necessario eseguire l'escape delle barre rovesciate (se necessario lo strumento esegue l'escape dei caratteri al momento della scrittura del contenuto dei criteri nell'area di memorizzazione persistente).\n\nFare click su Mantieni per conservare il nome immesso, oppure su Modifica per modificare il nome."},
+
+        {"Add.Public.Key.Alias", "Aggiungi alias chiave pubblica"},
+        {"Remove.Public.Key.Alias", "Rimuovi alias chiave pubblica"},
+        {"File", "File"},
+        {"KeyStore", "Keystore"},
+        {"Policy.File.", "File dei criteri:"},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
+                "Impossibile aprire il file di criteri {0}: {1}"},
+        {"Policy.Tool", "Strumento criteri"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
+                "Si sono verificati errori durante l'apertura della configurazione dei criteri. Consultare il registro delle avvertenze per ulteriori informazioni."},
+        {"Error", "Errore"},
+        {"OK", "OK"},
+        {"Status", "Stato"},
+        {"Warning", "Avvertenza"},
+        {"Permission.",
+                "Autorizzazione:                                                       "},
+        {"Principal.Type.", "Tipo principal:"},
+        {"Principal.Name.", "Nome principal:"},
+        {"Target.Name.",
+                "Nome destinazione:                                                    "},
+        {"Actions.",
+                "Azioni:                                                             "},
+        {"OK.to.overwrite.existing.file.filename.",
+                "OK per sovrascrivere il file {0}?"},
+        {"Cancel", "Annulla"},
+        {"CodeBase.", "CodeBase:"},
+        {"SignedBy.", "SignedBy:"},
+        {"Add.Principal", "Aggiungi principal"},
+        {"Edit.Principal", "Modifica principal"},
+        {"Remove.Principal", "Rimuovi principal"},
+        {"Principals.", "Principal:"},
+        {".Add.Permission", "  Aggiungi autorizzazione"},
+        {".Edit.Permission", "  Modifica autorizzazione"},
+        {"Remove.Permission", "Rimuovi autorizzazione"},
+        {"Done", "Fine"},
+        {"KeyStore.URL.", "URL keystore:"},
+        {"KeyStore.Type.", "Tipo keystore:"},
+        {"KeyStore.Provider.", "Provider keystore:"},
+        {"KeyStore.Password.URL.", "URL password keystore:"},
+        {"Principals", "Principal:"},
+        {".Edit.Principal.", "  Modifica principal:"},
+        {".Add.New.Principal.", "  Aggiungi nuovo principal:"},
+        {"Permissions", "Autorizzazioni"},
+        {".Edit.Permission.", "  Modifica autorizzazione:"},
+        {".Add.New.Permission.", "  Aggiungi nuova autorizzazione:"},
+        {"Signed.By.", "Firmato da:"},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
+            "Impossibile specificare principal con una classe carattere jolly senza un nome carattere jolly"},
+        {"Cannot.Specify.Principal.without.a.Name",
+            "Impossibile specificare principal senza un nome"},
+        {"Permission.and.Target.Name.must.have.a.value",
+                "L'autorizzazione e il nome destinazione non possono essere nulli"},
+        {"Remove.this.Policy.Entry.", "Rimuovere questa voce dei criteri?"},
+        {"Overwrite.File", "Sovrascrivi file"},
+        {"Policy.successfully.written.to.filename",
+                "I criteri sono stati scritti in {0}"},
+        {"null.filename", "nome file nullo"},
+        {"Save.changes.", "Salvare le modifiche?"},
+        {"Yes", "S\u00EC"},
+        {"No", "No"},
+        {"Policy.Entry", "Voce dei criteri"},
+        {"Save.Changes", "Salva le modifiche"},
+        {"No.Policy.Entry.selected", "Nessuna voce dei criteri selezionata"},
+        {"Unable.to.open.KeyStore.ex.toString.",
+                "Impossibile aprire il keystore: {0}"},
+        {"No.principal.selected", "Nessun principal selezionato"},
+        {"No.permission.selected", "Nessuna autorizzazione selezionata"},
+        {"name", "nome"},
+        {"configuration.type", "tipo di configurazione"},
+        {"environment.variable.name", "nome variabile ambiente"},
+        {"library.name", "nome libreria"},
+        {"package.name", "nome package"},
+        {"policy.type", "tipo di criteri"},
+        {"property.name", "nome propriet\u00E0"},
+        {"provider.name", "nome provider"},
+        {"Principal.List", "Lista principal"},
+        {"Permission.List", "Lista autorizzazioni"},
+        {"Code.Base", "Codebase"},
+        {"KeyStore.U.R.L.", "URL keystore:"},
+        {"KeyStore.Password.U.R.L.", "URL password keystore:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/Resources_ja.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.policytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the policytool.
+ *
+ */
+public class Resources_ja extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
+                "\u8B66\u544A: \u5225\u540D{0}\u306E\u516C\u958B\u9375\u304C\u5B58\u5728\u3057\u307E\u305B\u3093\u3002\u30AD\u30FC\u30B9\u30C8\u30A2\u304C\u6B63\u3057\u304F\u69CB\u6210\u3055\u308C\u3066\u3044\u308B\u3053\u3068\u3092\u78BA\u8A8D\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
+        {"Warning.Class.not.found.class", "\u8B66\u544A: \u30AF\u30E9\u30B9\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
+                "\u8B66\u544A: \u30B3\u30F3\u30B9\u30C8\u30E9\u30AF\u30BF\u306E\u5F15\u6570\u304C\u7121\u52B9\u3067\u3059: {0}"},
+        {"Illegal.Principal.Type.type", "\u4E0D\u6B63\u306A\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u30BF\u30A4\u30D7: {0}"},
+        {"Illegal.option.option", "\u4E0D\u6B63\u306A\u30AA\u30D7\u30B7\u30E7\u30F3: {0}"},
+        {"Usage.policytool.options.", "\u4F7F\u7528\u65B9\u6CD5: policytool [options]"},
+        {".file.file.policy.file.location",
+                "  [-file <file>]  \u30DD\u30EA\u30B7\u30FC\u30FB\u30D5\u30A1\u30A4\u30EB\u306E\u5834\u6240"},
+        {"New", "\u65B0\u898F"},
+        {"Open", "\u958B\u304F"},
+        {"Save", "\u4FDD\u5B58"},
+        {"Save.As", "\u5225\u540D\u4FDD\u5B58"},
+        {"View.Warning.Log", "\u8B66\u544A\u30ED\u30B0\u306E\u8868\u793A"},
+        {"Exit", "\u7D42\u4E86"},
+        {"Add.Policy.Entry", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30A8\u30F3\u30C8\u30EA\u306E\u8FFD\u52A0"},
+        {"Edit.Policy.Entry", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30A8\u30F3\u30C8\u30EA\u306E\u7DE8\u96C6"},
+        {"Remove.Policy.Entry", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30A8\u30F3\u30C8\u30EA\u306E\u524A\u9664"},
+        {"Edit", "\u7DE8\u96C6"},
+        {"Retain", "\u4FDD\u6301"},
+
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
+            "\u8B66\u544A: \u30D5\u30A1\u30A4\u30EB\u540D\u306B\u30A8\u30B9\u30B1\u30FC\u30D7\u3055\u308C\u305F\u30D0\u30C3\u30AF\u30B9\u30E9\u30C3\u30B7\u30E5\u6587\u5B57\u304C\u542B\u307E\u308C\u3066\u3044\u308B\u53EF\u80FD\u6027\u304C\u3042\u308A\u307E\u3059\u3002\u30D0\u30C3\u30AF\u30B9\u30E9\u30C3\u30B7\u30E5\u6587\u5B57\u3092\u30A8\u30B9\u30B1\u30FC\u30D7\u3059\u308B\u5FC5\u8981\u306F\u3042\u308A\u307E\u305B\u3093(\u30C4\u30FC\u30EB\u306F\u30DD\u30EA\u30B7\u30FC\u5185\u5BB9\u3092\u6C38\u7D9A\u30B9\u30C8\u30A2\u306B\u66F8\u304D\u8FBC\u3080\u3068\u304D\u306B\u3001\u5FC5\u8981\u306B\u5FDC\u3058\u3066\u6587\u5B57\u3092\u30A8\u30B9\u30B1\u30FC\u30D7\u3057\u307E\u3059)\u3002\n\n\u5165\u529B\u6E08\u306E\u540D\u524D\u3092\u4FDD\u6301\u3059\u308B\u306B\u306F\u300C\u4FDD\u6301\u300D\u3092\u30AF\u30EA\u30C3\u30AF\u3057\u3001\u540D\u524D\u3092\u7DE8\u96C6\u3059\u308B\u306B\u306F\u300C\u7DE8\u96C6\u300D\u3092\u30AF\u30EA\u30C3\u30AF\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
+
+        {"Add.Public.Key.Alias", "\u516C\u958B\u9375\u306E\u5225\u540D\u306E\u8FFD\u52A0"},
+        {"Remove.Public.Key.Alias", "\u516C\u958B\u9375\u306E\u5225\u540D\u3092\u524A\u9664"},
+        {"File", "\u30D5\u30A1\u30A4\u30EB"},
+        {"KeyStore", "\u30AD\u30FC\u30B9\u30C8\u30A2"},
+        {"Policy.File.", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30D5\u30A1\u30A4\u30EB:"},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
+                "\u30DD\u30EA\u30B7\u30FC\u30FB\u30D5\u30A1\u30A4\u30EB\u3092\u958B\u3051\u307E\u305B\u3093\u3067\u3057\u305F: {0}: {1}"},
+        {"Policy.Tool", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30C4\u30FC\u30EB"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
+                "\u30DD\u30EA\u30B7\u30FC\u69CB\u6210\u3092\u958B\u304F\u3068\u304D\u306B\u30A8\u30E9\u30FC\u304C\u767A\u751F\u3057\u307E\u3057\u305F\u3002\u8A73\u7D30\u306F\u8B66\u544A\u30ED\u30B0\u3092\u53C2\u7167\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
+        {"Error", "\u30A8\u30E9\u30FC"},
+        {"OK", "OK"},
+        {"Status", "\u72B6\u614B"},
+        {"Warning", "\u8B66\u544A"},
+        {"Permission.",
+                "\u30A2\u30AF\u30BB\u30B9\u6A29:                                                       "},
+        {"Principal.Type.", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u30BF\u30A4\u30D7:"},
+        {"Principal.Name.", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u540D\u524D:"},
+        {"Target.Name.",
+                "\u30BF\u30FC\u30B2\u30C3\u30C8\u540D:                                                    "},
+        {"Actions.",
+                "\u30A2\u30AF\u30B7\u30E7\u30F3:                                                             "},
+        {"OK.to.overwrite.existing.file.filename.",
+                "\u65E2\u5B58\u306E\u30D5\u30A1\u30A4\u30EB{0}\u306B\u4E0A\u66F8\u304D\u3057\u307E\u3059\u304B\u3002"},
+        {"Cancel", "\u53D6\u6D88"},
+        {"CodeBase.", "CodeBase:"},
+        {"SignedBy.", "SignedBy:"},
+        {"Add.Principal", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u8FFD\u52A0"},
+        {"Edit.Principal", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u7DE8\u96C6"},
+        {"Remove.Principal", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u524A\u9664"},
+        {"Principals.", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB:"},
+        {".Add.Permission", "  \u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u8FFD\u52A0"},
+        {".Edit.Permission", "  \u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u7DE8\u96C6"},
+        {"Remove.Permission", "\u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u524A\u9664"},
+        {"Done", "\u5B8C\u4E86"},
+        {"KeyStore.URL.", "\u30AD\u30FC\u30B9\u30C8\u30A2URL:"},
+        {"KeyStore.Type.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30BF\u30A4\u30D7:"},
+        {"KeyStore.Provider.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D7\u30ED\u30D0\u30A4\u30C0:"},
+        {"KeyStore.Password.URL.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D1\u30B9\u30EF\u30FC\u30C9URL:"},
+        {"Principals", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB"},
+        {".Edit.Principal.", "  \u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u7DE8\u96C6:"},
+        {".Add.New.Principal.", "  \u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u65B0\u898F\u8FFD\u52A0:"},
+        {"Permissions", "\u30A2\u30AF\u30BB\u30B9\u6A29"},
+        {".Edit.Permission.", "  \u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u7DE8\u96C6:"},
+        {".Add.New.Permission.", "  \u65B0\u898F\u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u8FFD\u52A0:"},
+        {"Signed.By.", "\u7F72\u540D\u8005:"},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
+            "\u30EF\u30A4\u30EB\u30C9\u30AB\u30FC\u30C9\u540D\u306E\u306A\u3044\u30EF\u30A4\u30EB\u30C9\u30AB\u30FC\u30C9\u30FB\u30AF\u30E9\u30B9\u3092\u4F7F\u7528\u3057\u3066\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u3092\u6307\u5B9A\u3059\u308B\u3053\u3068\u306F\u3067\u304D\u307E\u305B\u3093"},
+        {"Cannot.Specify.Principal.without.a.Name",
+            "\u540D\u524D\u3092\u4F7F\u7528\u305B\u305A\u306B\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u3092\u6307\u5B9A\u3059\u308B\u3053\u3068\u306F\u3067\u304D\u307E\u305B\u3093"},
+        {"Permission.and.Target.Name.must.have.a.value",
+                "\u30A2\u30AF\u30BB\u30B9\u6A29\u3068\u30BF\u30FC\u30B2\u30C3\u30C8\u540D\u306F\u3001\u5024\u3092\u4FDD\u6301\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
+        {"Remove.this.Policy.Entry.", "\u3053\u306E\u30DD\u30EA\u30B7\u30FC\u30FB\u30A8\u30F3\u30C8\u30EA\u3092\u524A\u9664\u3057\u307E\u3059\u304B\u3002"},
+        {"Overwrite.File", "\u30D5\u30A1\u30A4\u30EB\u3092\u4E0A\u66F8\u304D\u3057\u307E\u3059"},
+        {"Policy.successfully.written.to.filename",
+                "\u30DD\u30EA\u30B7\u30FC\u306E{0}\u3078\u306E\u66F8\u8FBC\u307F\u306B\u6210\u529F\u3057\u307E\u3057\u305F"},
+        {"null.filename", "\u30D5\u30A1\u30A4\u30EB\u540D\u304Cnull\u3067\u3059"},
+        {"Save.changes.", "\u5909\u66F4\u3092\u4FDD\u5B58\u3057\u307E\u3059\u304B\u3002"},
+        {"Yes", "\u306F\u3044"},
+        {"No", "\u3044\u3044\u3048"},
+        {"Policy.Entry", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30A8\u30F3\u30C8\u30EA"},
+        {"Save.Changes", "\u5909\u66F4\u3092\u4FDD\u5B58\u3057\u307E\u3059"},
+        {"No.Policy.Entry.selected", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30A8\u30F3\u30C8\u30EA\u304C\u9078\u629E\u3055\u308C\u3066\u3044\u307E\u305B\u3093"},
+        {"Unable.to.open.KeyStore.ex.toString.",
+                "\u30AD\u30FC\u30B9\u30C8\u30A2{0}\u3092\u958B\u3051\u307E\u305B\u3093"},
+        {"No.principal.selected", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u304C\u9078\u629E\u3055\u308C\u3066\u3044\u307E\u305B\u3093"},
+        {"No.permission.selected", "\u30A2\u30AF\u30BB\u30B9\u6A29\u304C\u9078\u629E\u3055\u308C\u3066\u3044\u307E\u305B\u3093"},
+        {"name", "\u540D\u524D"},
+        {"configuration.type", "\u69CB\u6210\u30BF\u30A4\u30D7"},
+        {"environment.variable.name", "\u74B0\u5883\u5909\u6570\u540D"},
+        {"library.name", "\u30E9\u30A4\u30D6\u30E9\u30EA\u540D"},
+        {"package.name", "\u30D1\u30C3\u30B1\u30FC\u30B8\u540D"},
+        {"policy.type", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30BF\u30A4\u30D7"},
+        {"property.name", "\u30D7\u30ED\u30D1\u30C6\u30A3\u540D"},
+        {"provider.name", "\u30D7\u30ED\u30D0\u30A4\u30C0\u540D"},
+        {"Principal.List", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u30EA\u30B9\u30C8"},
+        {"Permission.List", "\u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u30EA\u30B9\u30C8"},
+        {"Code.Base", "\u30B3\u30FC\u30C9\u30FB\u30D9\u30FC\u30B9"},
+        {"KeyStore.U.R.L.", "\u30AD\u30FC\u30B9\u30C8\u30A2U R L:"},
+        {"KeyStore.Password.U.R.L.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D1\u30B9\u30EF\u30FC\u30C9U R L:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/Resources_ko.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.policytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the policytool.
+ *
+ */
+public class Resources_ko extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
+                "\uACBD\uACE0: {0} \uBCC4\uCE6D\uC5D0 \uB300\uD55C \uACF5\uC6A9 \uD0A4\uAC00 \uC874\uC7AC\uD558\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4. \uD0A4 \uC800\uC7A5\uC18C\uAC00 \uC81C\uB300\uB85C \uAD6C\uC131\uB418\uC5B4 \uC788\uB294\uC9C0 \uD655\uC778\uD558\uC2ED\uC2DC\uC624."},
+        {"Warning.Class.not.found.class", "\uACBD\uACE0: \uD074\uB798\uC2A4\uB97C \uCC3E\uC744 \uC218 \uC5C6\uC74C: {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
+                "\uACBD\uACE0: \uC0DD\uC131\uC790\uC5D0 \uB300\uD574 \uBD80\uC801\uD569\uD55C \uC778\uC218: {0}"},
+        {"Illegal.Principal.Type.type", "\uC798\uBABB\uB41C \uC8FC\uCCB4 \uC720\uD615: {0}"},
+        {"Illegal.option.option", "\uC798\uBABB\uB41C \uC635\uC158: {0}"},
+        {"Usage.policytool.options.", "\uC0AC\uC6A9\uBC95: policytool [options]"},
+        {".file.file.policy.file.location",
+                "  [-file <file>]    \uC815\uCC45 \uD30C\uC77C \uC704\uCE58"},
+        {"New", "\uC0C8\uB85C \uB9CC\uB4E4\uAE30"},
+        {"Open", "\uC5F4\uAE30"},
+        {"Save", "\uC800\uC7A5"},
+        {"Save.As", "\uB2E4\uB978 \uC774\uB984\uC73C\uB85C \uC800\uC7A5"},
+        {"View.Warning.Log", "\uACBD\uACE0 \uB85C\uADF8 \uBCF4\uAE30"},
+        {"Exit", "\uC885\uB8CC"},
+        {"Add.Policy.Entry", "\uC815\uCC45 \uD56D\uBAA9 \uCD94\uAC00"},
+        {"Edit.Policy.Entry", "\uC815\uCC45 \uD56D\uBAA9 \uD3B8\uC9D1"},
+        {"Remove.Policy.Entry", "\uC815\uCC45 \uD56D\uBAA9 \uC81C\uAC70"},
+        {"Edit", "\uD3B8\uC9D1"},
+        {"Retain", "\uC720\uC9C0"},
+
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
+            "\uACBD\uACE0: \uD30C\uC77C \uC774\uB984\uC5D0 \uC774\uC2A4\uCF00\uC774\uD504\uB41C \uBC31\uC2AC\uB798\uC2DC \uBB38\uC790\uAC00 \uD3EC\uD568\uB418\uC5C8\uC744 \uC218 \uC788\uC2B5\uB2C8\uB2E4. \uBC31\uC2AC\uB798\uC2DC \uBB38\uC790\uB294 \uC774\uC2A4\uCF00\uC774\uD504\uD560 \uD544\uC694\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4. \uC601\uAD6C \uC800\uC7A5\uC18C\uC5D0 \uC815\uCC45 \uCF58\uD150\uCE20\uB97C \uC4F8 \uB54C \uD544\uC694\uC5D0 \uB530\uB77C \uC790\uB3D9\uC73C\uB85C \uBB38\uC790\uAC00 \uC774\uC2A4\uCF00\uC774\uD504\uB429\uB2C8\uB2E4.\n\n\uC785\uB825\uB41C \uC774\uB984\uC744 \uADF8\uB300\uB85C \uC720\uC9C0\uD558\uB824\uBA74 [\uC720\uC9C0]\uB97C \uB204\uB974\uACE0, \uC774\uB984\uC744 \uD3B8\uC9D1\uD558\uB824\uBA74 [\uD3B8\uC9D1]\uC744 \uB204\uB974\uC2ED\uC2DC\uC624."},
+
+        {"Add.Public.Key.Alias", "\uACF5\uC6A9 \uD0A4 \uBCC4\uCE6D \uCD94\uAC00"},
+        {"Remove.Public.Key.Alias", "\uACF5\uC6A9 \uD0A4 \uBCC4\uCE6D \uC81C\uAC70"},
+        {"File", "\uD30C\uC77C"},
+        {"KeyStore", "\uD0A4 \uC800\uC7A5\uC18C"},
+        {"Policy.File.", "\uC815\uCC45 \uD30C\uC77C:"},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
+                "\uC815\uCC45 \uD30C\uC77C\uC744 \uC5F4 \uC218 \uC5C6\uC74C: {0}: {1}"},
+        {"Policy.Tool", "\uC815\uCC45 \uD234"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
+                "\uC815\uCC45 \uAD6C\uC131\uC744 \uC5EC\uB294 \uC911 \uC624\uB958\uAC00 \uBC1C\uC0DD\uD588\uC2B5\uB2C8\uB2E4. \uC790\uC138\uD55C \uB0B4\uC6A9\uC740 \uACBD\uACE0 \uB85C\uADF8\uB97C \uD655\uC778\uD558\uC2ED\uC2DC\uC624."},
+        {"Error", "\uC624\uB958"},
+        {"OK", "\uD655\uC778"},
+        {"Status", "\uC0C1\uD0DC"},
+        {"Warning", "\uACBD\uACE0"},
+        {"Permission.",
+                "\uAD8C\uD55C:                                                       "},
+        {"Principal.Type.", "\uC8FC\uCCB4 \uC720\uD615:"},
+        {"Principal.Name.", "\uC8FC\uCCB4 \uC774\uB984:"},
+        {"Target.Name.",
+                "\uB300\uC0C1 \uC774\uB984:                                                    "},
+        {"Actions.",
+                "\uC791\uC5C5:                                                             "},
+        {"OK.to.overwrite.existing.file.filename.",
+                "\uAE30\uC874 \uD30C\uC77C {0}\uC744(\uB97C) \uACB9\uCCD0 \uC4F0\uACA0\uC2B5\uB2C8\uAE4C?"},
+        {"Cancel", "\uCDE8\uC18C"},
+        {"CodeBase.", "CodeBase:"},
+        {"SignedBy.", "SignedBy:"},
+        {"Add.Principal", "\uC8FC\uCCB4 \uCD94\uAC00"},
+        {"Edit.Principal", "\uC8FC\uCCB4 \uD3B8\uC9D1"},
+        {"Remove.Principal", "\uC8FC\uCCB4 \uC81C\uAC70"},
+        {"Principals.", "\uC8FC\uCCB4:"},
+        {".Add.Permission", "  \uAD8C\uD55C \uCD94\uAC00"},
+        {".Edit.Permission", "  \uAD8C\uD55C \uD3B8\uC9D1"},
+        {"Remove.Permission", "\uAD8C\uD55C \uC81C\uAC70"},
+        {"Done", "\uC644\uB8CC"},
+        {"KeyStore.URL.", "\uD0A4 \uC800\uC7A5\uC18C URL:"},
+        {"KeyStore.Type.", "\uD0A4 \uC800\uC7A5\uC18C \uC720\uD615:"},
+        {"KeyStore.Provider.", "\uD0A4 \uC800\uC7A5\uC18C \uC81C\uACF5\uC790:"},
+        {"KeyStore.Password.URL.", "\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638 URL:"},
+        {"Principals", "\uC8FC\uCCB4"},
+        {".Edit.Principal.", "  \uC8FC\uCCB4 \uD3B8\uC9D1:"},
+        {".Add.New.Principal.", "  \uC0C8 \uC8FC\uCCB4 \uCD94\uAC00:"},
+        {"Permissions", "\uAD8C\uD55C"},
+        {".Edit.Permission.", "  \uAD8C\uD55C \uD3B8\uC9D1:"},
+        {".Add.New.Permission.", "  \uC0C8 \uAD8C\uD55C \uCD94\uAC00:"},
+        {"Signed.By.", "\uC11C\uBA85\uC790:"},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
+            "\uC640\uC77C\uB4DC \uCE74\uB4DC \uBB38\uC790 \uC774\uB984 \uC5C6\uC774 \uC640\uC77C\uB4DC \uCE74\uB4DC \uBB38\uC790 \uD074\uB798\uC2A4\uB97C \uC0AC\uC6A9\uD558\uB294 \uC8FC\uCCB4\uB97C \uC9C0\uC815\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"Cannot.Specify.Principal.without.a.Name",
+            "\uC774\uB984 \uC5C6\uC774 \uC8FC\uCCB4\uB97C \uC9C0\uC815\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"Permission.and.Target.Name.must.have.a.value",
+                "\uAD8C\uD55C\uACFC \uB300\uC0C1 \uC774\uB984\uC758 \uAC12\uC774 \uC788\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
+        {"Remove.this.Policy.Entry.", "\uC774 \uC815\uCC45 \uD56D\uBAA9\uC744 \uC81C\uAC70\uD558\uACA0\uC2B5\uB2C8\uAE4C?"},
+        {"Overwrite.File", "\uD30C\uC77C \uACB9\uCCD0\uC4F0\uAE30"},
+        {"Policy.successfully.written.to.filename",
+                "{0}\uC5D0 \uC131\uACF5\uC801\uC73C\uB85C \uC815\uCC45\uC744 \uC37C\uC2B5\uB2C8\uB2E4."},
+        {"null.filename", "\uB110 \uD30C\uC77C \uC774\uB984"},
+        {"Save.changes.", "\uBCC0\uACBD \uC0AC\uD56D\uC744 \uC800\uC7A5\uD558\uACA0\uC2B5\uB2C8\uAE4C?"},
+        {"Yes", "\uC608"},
+        {"No", "\uC544\uB2C8\uC624"},
+        {"Policy.Entry", "\uC815\uCC45 \uD56D\uBAA9"},
+        {"Save.Changes", "\uBCC0\uACBD \uC0AC\uD56D \uC800\uC7A5"},
+        {"No.Policy.Entry.selected", "\uC120\uD0DD\uB41C \uC815\uCC45 \uD56D\uBAA9\uC774 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"Unable.to.open.KeyStore.ex.toString.",
+                "\uD0A4 \uC800\uC7A5\uC18C\uB97C \uC5F4 \uC218 \uC5C6\uC74C: {0}"},
+        {"No.principal.selected", "\uC120\uD0DD\uB41C \uC8FC\uCCB4\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"No.permission.selected", "\uC120\uD0DD\uB41C \uAD8C\uD55C\uC774 \uC5C6\uC2B5\uB2C8\uB2E4."},
+        {"name", "\uC774\uB984"},
+        {"configuration.type", "\uAD6C\uC131 \uC720\uD615"},
+        {"environment.variable.name", "\uD658\uACBD \uBCC0\uC218 \uC774\uB984"},
+        {"library.name", "\uB77C\uC774\uBE0C\uB7EC\uB9AC \uC774\uB984"},
+        {"package.name", "\uD328\uD0A4\uC9C0 \uC774\uB984"},
+        {"policy.type", "\uC815\uCC45 \uC720\uD615"},
+        {"property.name", "\uC18D\uC131 \uC774\uB984"},
+        {"provider.name", "\uC81C\uACF5\uC790 \uC774\uB984"},
+        {"Principal.List", "\uC8FC\uCCB4 \uBAA9\uB85D"},
+        {"Permission.List", "\uAD8C\uD55C \uBAA9\uB85D"},
+        {"Code.Base", "\uCF54\uB4DC \uBCA0\uC774\uC2A4"},
+        {"KeyStore.U.R.L.", "\uD0A4 \uC800\uC7A5\uC18C URL:"},
+        {"KeyStore.Password.U.R.L.", "\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638 URL:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/Resources_pt_BR.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.policytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the policytool.
+ *
+ */
+public class Resources_pt_BR extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
+                "Advert\u00EAncia: N\u00E3o existe uma chave p\u00FAblica para o alias {0}. Certifique-se de que um KeyStore esteja configurado adequadamente."},
+        {"Warning.Class.not.found.class", "Advert\u00EAncia: Classe n\u00E3o encontrada: {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
+                "Advert\u00EAncia: Argumento(s) inv\u00E1lido(s) para o construtor: {0}"},
+        {"Illegal.Principal.Type.type", "Tipo Principal Inv\u00E1lido: {0}"},
+        {"Illegal.option.option", "Op\u00E7\u00E3o inv\u00E1lida: {0}"},
+        {"Usage.policytool.options.", "Uso: policytool [op\u00E7\u00F5es]"},
+        {".file.file.policy.file.location",
+                "  [-file <arquivo>]    localiza\u00E7\u00E3o do arquivo de pol\u00EDtica"},
+        {"New", "Novo"},
+        {"Open", "Abrir"},
+        {"Save", "Salvar"},
+        {"Save.As", "Salvar Como"},
+        {"View.Warning.Log", "Exibir Log de Advert\u00EAncias"},
+        {"Exit", "Sair"},
+        {"Add.Policy.Entry", "Adicionar Entrada de Pol\u00EDtica"},
+        {"Edit.Policy.Entry", "Editar Entrada de Pol\u00EDtica"},
+        {"Remove.Policy.Entry", "Remover Entrada de Pol\u00EDtica"},
+        {"Edit", "Editar"},
+        {"Retain", "Reter"},
+
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
+            "Advert\u00EAncia: O nome do arquivo pode conter caracteres de escape barra invertida. N\u00E3o \u00E9 necess\u00E1rio fazer o escape dos caracteres de barra invertida (a ferramenta faz o escape dos caracteres conforme necess\u00E1rio ao gravar o conte\u00FAdo da pol\u00EDtica no armazenamento persistente).\n\nClique em Reter para reter o nome da entrada ou clique em Editar para edit\u00E1-lo."},
+
+        {"Add.Public.Key.Alias", "Adicionar Alias de Chave P\u00FAblica"},
+        {"Remove.Public.Key.Alias", "Remover Alias de Chave P\u00FAblica"},
+        {"File", "Arquivo"},
+        {"KeyStore", "KeyStore"},
+        {"Policy.File.", "Arquivo de Pol\u00EDtica:"},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
+                "N\u00E3o foi poss\u00EDvel abrir o arquivo de pol\u00EDtica: {0}: {1}"},
+        {"Policy.Tool", "Ferramenta de Pol\u00EDtica"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
+                "Erros durante a abertura da configura\u00E7\u00E3o da pol\u00EDtica. Consulte o Log de Advert\u00EAncias para obter mais informa\u00E7\u00F5es."},
+        {"Error", "Erro"},
+        {"OK", "OK"},
+        {"Status", "Status"},
+        {"Warning", "Advert\u00EAncia"},
+        {"Permission.",
+                "Permiss\u00E3o:                                                       "},
+        {"Principal.Type.", "Tipo do Principal:"},
+        {"Principal.Name.", "Nome do Principal:"},
+        {"Target.Name.",
+                "Nome do Alvo:                                                    "},
+        {"Actions.",
+                "A\u00E7\u00F5es:                                                             "},
+        {"OK.to.overwrite.existing.file.filename.",
+                "Est\u00E1 correto substituir o arquivo existente {0}?"},
+        {"Cancel", "Cancelar"},
+        {"CodeBase.", "CodeBase:"},
+        {"SignedBy.", "SignedBy:"},
+        {"Add.Principal", "Adicionar Principal"},
+        {"Edit.Principal", "Editar Principal"},
+        {"Remove.Principal", "Remover Principal"},
+        {"Principals.", "Principais:"},
+        {".Add.Permission", "  Adicionar Permiss\u00E3o"},
+        {".Edit.Permission", "  Editar Permiss\u00E3o"},
+        {"Remove.Permission", "Remover Permiss\u00E3o"},
+        {"Done", "Conclu\u00EDdo"},
+        {"KeyStore.URL.", "URL do KeyStore:"},
+        {"KeyStore.Type.", "Tipo de KeyStore:"},
+        {"KeyStore.Provider.", "Fornecedor de KeyStore:"},
+        {"KeyStore.Password.URL.", "URL da Senha do KeyStore:"},
+        {"Principals", "Principais"},
+        {".Edit.Principal.", "  Editar Principal:"},
+        {".Add.New.Principal.", "  Adicionar Novo Principal:"},
+        {"Permissions", "Permiss\u00F5es"},
+        {".Edit.Permission.", "  Editar Permiss\u00E3o:"},
+        {".Add.New.Permission.", "  Adicionar Nova Permiss\u00E3o:"},
+        {"Signed.By.", "Assinado por:"},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
+            "N\u00E3o \u00E9 Poss\u00EDvel Especificar um Principal com uma Classe de Curinga sem um Nome de Curinga"},
+        {"Cannot.Specify.Principal.without.a.Name",
+            "N\u00E3o \u00E9 Poss\u00EDvel Especificar um Principal sem um Nome"},
+        {"Permission.and.Target.Name.must.have.a.value",
+                "O Nome de Destino e a Permiss\u00E3o devem ter um Valor"},
+        {"Remove.this.Policy.Entry.", "Remover esta Entrada de Pol\u00EDtica?"},
+        {"Overwrite.File", "Substituir Arquivo"},
+        {"Policy.successfully.written.to.filename",
+                "Pol\u00EDtica gravada com \u00EAxito em {0}"},
+        {"null.filename", "nome de arquivo nulo"},
+        {"Save.changes.", "Salvar altera\u00E7\u00F5es?"},
+        {"Yes", "Sim"},
+        {"No", "N\u00E3o"},
+        {"Policy.Entry", "Entrada de Pol\u00EDtica"},
+        {"Save.Changes", "Salvar Altera\u00E7\u00F5es"},
+        {"No.Policy.Entry.selected", "Nenhuma Entrada de Pol\u00EDtica Selecionada"},
+        {"Unable.to.open.KeyStore.ex.toString.",
+                "N\u00E3o \u00E9 poss\u00EDvel abrir a KeyStore: {0}"},
+        {"No.principal.selected", "Nenhum principal selecionado"},
+        {"No.permission.selected", "Nenhuma permiss\u00E3o selecionada"},
+        {"name", "nome"},
+        {"configuration.type", "tipo de configura\u00E7\u00E3o"},
+        {"environment.variable.name", "nome da vari\u00E1vel de ambiente"},
+        {"library.name", "nome da biblioteca"},
+        {"package.name", "nome do pacote"},
+        {"policy.type", "tipo de pol\u00EDtica"},
+        {"property.name", "nome da propriedade"},
+        {"provider.name", "nome do fornecedor"},
+        {"Principal.List", "Lista de Principais"},
+        {"Permission.List", "Lista de Permiss\u00F5es"},
+        {"Code.Base", "Base de C\u00F3digo"},
+        {"KeyStore.U.R.L.", "U R L da KeyStore:"},
+        {"KeyStore.Password.U.R.L.", "U R L da Senha do KeyStore:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/Resources_sv.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.policytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the policytool.
+ *
+ */
+public class Resources_sv extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
+                "Varning! Det finns ingen offentlig nyckel f\u00F6r aliaset {0}. Kontrollera att det aktuella nyckellagret \u00E4r korrekt konfigurerat."},
+        {"Warning.Class.not.found.class", "Varning! Klassen hittades inte: {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
+                "Varning! Ogiltiga argument f\u00F6r konstruktor: {0}"},
+        {"Illegal.Principal.Type.type", "Otill\u00E5ten identitetshavaretyp: {0}"},
+        {"Illegal.option.option", "Otill\u00E5tet alternativ: {0}"},
+        {"Usage.policytool.options.", "Syntax: policytool [alternativ]"},
+        {".file.file.policy.file.location",
+                "  [-file <fil>]    policyfilens plats"},
+        {"New", "Nytt"},
+        {"Open", "\u00D6ppna"},
+        {"Save", "Spara"},
+        {"Save.As", "Spara som"},
+        {"View.Warning.Log", "Visa varningslogg"},
+        {"Exit", "Avsluta"},
+        {"Add.Policy.Entry", "L\u00E4gg till policypost"},
+        {"Edit.Policy.Entry", "Redigera policypost"},
+        {"Remove.Policy.Entry", "Ta bort policypost"},
+        {"Edit", "Redigera"},
+        {"Retain", "Beh\u00E5ll"},
+
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
+            "Varning! Filnamnet kan inneh\u00E5lla omv\u00E4nda snedstreck inom citattecken. Citattecken kr\u00E4vs inte f\u00F6r omv\u00E4nda snedstreck (verktyget hanterar detta n\u00E4r policyinneh\u00E5llet skrivs till det best\u00E4ndiga lagret).\n\nKlicka p\u00E5 Beh\u00E5ll f\u00F6r att beh\u00E5lla det angivna namnet, eller klicka p\u00E5 Redigera f\u00F6r att \u00E4ndra det."},
+
+        {"Add.Public.Key.Alias", "L\u00E4gg till offentligt nyckelalias"},
+        {"Remove.Public.Key.Alias", "Ta bort offentligt nyckelalias"},
+        {"File", "Fil"},
+        {"KeyStore", "Nyckellager"},
+        {"Policy.File.", "Policyfil:"},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
+                "Kan inte \u00F6ppna policyfilen: {0}: {1}"},
+        {"Policy.Tool", "Policyverktyg"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
+                "Det uppstod ett fel n\u00E4r policykonfigurationen skulle \u00F6ppnas. Se varningsloggen f\u00F6r mer information."},
+        {"Error", "Fel"},
+        {"OK", "OK"},
+        {"Status", "Status"},
+        {"Warning", "Varning"},
+        {"Permission.",
+                "Beh\u00F6righet:                                                       "},
+        {"Principal.Type.", "Identitetshavaretyp:"},
+        {"Principal.Name.", "Identitetshavare:"},
+        {"Target.Name.",
+                "M\u00E5l:                                                    "},
+        {"Actions.",
+                "Funktioner:                                                             "},
+        {"OK.to.overwrite.existing.file.filename.",
+                "Ska den befintliga filen {0} skrivas \u00F6ver?"},
+        {"Cancel", "Avbryt"},
+        {"CodeBase.", "Kodbas:"},
+        {"SignedBy.", "Signerad av:"},
+        {"Add.Principal", "L\u00E4gg till identitetshavare"},
+        {"Edit.Principal", "Redigera identitetshavare"},
+        {"Remove.Principal", "Ta bort identitetshavare"},
+        {"Principals.", "Identitetshavare:"},
+        {".Add.Permission", "  L\u00E4gg till beh\u00F6righet"},
+        {".Edit.Permission", "  Redigera beh\u00F6righet"},
+        {"Remove.Permission", "Ta bort beh\u00F6righet"},
+        {"Done", "Utf\u00F6rd"},
+        {"KeyStore.URL.", "URL f\u00F6r nyckellager:"},
+        {"KeyStore.Type.", "Nyckellagertyp:"},
+        {"KeyStore.Provider.", "Nyckellagerleverant\u00F6r:"},
+        {"KeyStore.Password.URL.", "URL f\u00F6r l\u00F6senord till nyckellager:"},
+        {"Principals", "Identitetshavare"},
+        {".Edit.Principal.", "  Redigera identitetshavare:"},
+        {".Add.New.Principal.", "  L\u00E4gg till ny identitetshavare:"},
+        {"Permissions", "Beh\u00F6righet"},
+        {".Edit.Permission.", "  Redigera beh\u00F6righet:"},
+        {".Add.New.Permission.", "  L\u00E4gg till ny beh\u00F6righet:"},
+        {"Signed.By.", "Signerad av:"},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
+            "Kan inte specificera identitetshavare med jokerteckenklass utan jokerteckennamn"},
+        {"Cannot.Specify.Principal.without.a.Name",
+            "Kan inte specificera identitetshavare utan namn"},
+        {"Permission.and.Target.Name.must.have.a.value",
+                "Beh\u00F6righet och m\u00E5lnamn m\u00E5ste ha ett v\u00E4rde"},
+        {"Remove.this.Policy.Entry.", "Vill du ta bort den h\u00E4r policyposten?"},
+        {"Overwrite.File", "Skriv \u00F6ver fil"},
+        {"Policy.successfully.written.to.filename",
+                "Policy har skrivits till {0}"},
+        {"null.filename", "nullfilnamn"},
+        {"Save.changes.", "Vill du spara \u00E4ndringarna?"},
+        {"Yes", "Ja"},
+        {"No", "Nej"},
+        {"Policy.Entry", "Policyfel"},
+        {"Save.Changes", "Spara \u00E4ndringar"},
+        {"No.Policy.Entry.selected", "Ingen policypost har valts"},
+        {"Unable.to.open.KeyStore.ex.toString.",
+                "Kan inte \u00F6ppna nyckellagret: {0}"},
+        {"No.principal.selected", "Ingen identitetshavare har valts"},
+        {"No.permission.selected", "Ingen beh\u00F6righet har valts"},
+        {"name", "namn"},
+        {"configuration.type", "konfigurationstyp"},
+        {"environment.variable.name", "variabelnamn f\u00F6r milj\u00F6"},
+        {"library.name", "biblioteksnamn"},
+        {"package.name", "paketnamn"},
+        {"policy.type", "policytyp"},
+        {"property.name", "egenskapsnamn"},
+        {"provider.name", "leverant\u00F6rsnamn"},
+        {"Principal.List", "Lista \u00F6ver identitetshavare"},
+        {"Permission.List", "Beh\u00F6righetslista"},
+        {"Code.Base", "Kodbas"},
+        {"KeyStore.U.R.L.", "URL f\u00F6r nyckellager:"},
+        {"KeyStore.Password.U.R.L.", "URL f\u00F6r l\u00F6senord till nyckellager:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/Resources_zh_CN.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.policytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the policytool.
+ *
+ */
+public class Resources_zh_CN extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
+                "\u8B66\u544A: \u522B\u540D {0} \u7684\u516C\u5171\u5BC6\u94A5\u4E0D\u5B58\u5728\u3002\u8BF7\u786E\u4FDD\u5DF2\u6B63\u786E\u914D\u7F6E KeyStore\u3002"},
+        {"Warning.Class.not.found.class", "\u8B66\u544A: \u627E\u4E0D\u5230\u7C7B: {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
+                "\u8B66\u544A: \u6784\u9020\u5668\u7684\u53C2\u6570\u65E0\u6548: {0}"},
+        {"Illegal.Principal.Type.type", "\u975E\u6CD5\u7684\u4E3B\u7528\u6237\u7C7B\u578B: {0}"},
+        {"Illegal.option.option", "\u975E\u6CD5\u9009\u9879: {0}"},
+        {"Usage.policytool.options.", "\u7528\u6CD5: policytool [\u9009\u9879]"},
+        {".file.file.policy.file.location",
+                "  [-file <file>]    \u7B56\u7565\u6587\u4EF6\u4F4D\u7F6E"},
+        {"New", "\u65B0\u5EFA"},
+        {"Open", "\u6253\u5F00"},
+        {"Save", "\u4FDD\u5B58"},
+        {"Save.As", "\u53E6\u5B58\u4E3A"},
+        {"View.Warning.Log", "\u67E5\u770B\u8B66\u544A\u65E5\u5FD7"},
+        {"Exit", "\u9000\u51FA"},
+        {"Add.Policy.Entry", "\u6DFB\u52A0\u7B56\u7565\u6761\u76EE"},
+        {"Edit.Policy.Entry", "\u7F16\u8F91\u7B56\u7565\u6761\u76EE"},
+        {"Remove.Policy.Entry", "\u5220\u9664\u7B56\u7565\u6761\u76EE"},
+        {"Edit", "\u7F16\u8F91"},
+        {"Retain", "\u4FDD\u7559"},
+
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
+            "\u8B66\u544A: \u6587\u4EF6\u540D\u5305\u542B\u8F6C\u4E49\u7684\u53CD\u659C\u6760\u5B57\u7B26\u3002\u4E0D\u9700\u8981\u5BF9\u53CD\u659C\u6760\u5B57\u7B26\u8FDB\u884C\u8F6C\u4E49 (\u8BE5\u5DE5\u5177\u5728\u5C06\u7B56\u7565\u5185\u5BB9\u5199\u5165\u6C38\u4E45\u5B58\u50A8\u65F6\u4F1A\u6839\u636E\u9700\u8981\u5BF9\u5B57\u7B26\u8FDB\u884C\u8F6C\u4E49)\u3002\n\n\u5355\u51FB\u201C\u4FDD\u7559\u201D\u53EF\u4FDD\u7559\u8F93\u5165\u7684\u540D\u79F0, \u6216\u8005\u5355\u51FB\u201C\u7F16\u8F91\u201D\u53EF\u7F16\u8F91\u8BE5\u540D\u79F0\u3002"},
+
+        {"Add.Public.Key.Alias", "\u6DFB\u52A0\u516C\u5171\u5BC6\u94A5\u522B\u540D"},
+        {"Remove.Public.Key.Alias", "\u5220\u9664\u516C\u5171\u5BC6\u94A5\u522B\u540D"},
+        {"File", "\u6587\u4EF6"},
+        {"KeyStore", "KeyStore"},
+        {"Policy.File.", "\u7B56\u7565\u6587\u4EF6:"},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
+                "\u65E0\u6CD5\u6253\u5F00\u7B56\u7565\u6587\u4EF6: {0}: {1}"},
+        {"Policy.Tool", "\u7B56\u7565\u5DE5\u5177"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
+                "\u6253\u5F00\u7B56\u7565\u914D\u7F6E\u65F6\u51FA\u9519\u3002\u6709\u5173\u8BE6\u7EC6\u4FE1\u606F, \u8BF7\u67E5\u770B\u8B66\u544A\u65E5\u5FD7\u3002"},
+        {"Error", "\u9519\u8BEF"},
+        {"OK", "\u786E\u5B9A"},
+        {"Status", "\u72B6\u6001"},
+        {"Warning", "\u8B66\u544A"},
+        {"Permission.",
+                "\u6743\u9650:                                                       "},
+        {"Principal.Type.", "\u4E3B\u7528\u6237\u7C7B\u578B:"},
+        {"Principal.Name.", "\u4E3B\u7528\u6237\u540D\u79F0:"},
+        {"Target.Name.",
+                "\u76EE\u6807\u540D\u79F0:                                                    "},
+        {"Actions.",
+                "\u64CD\u4F5C:                                                             "},
+        {"OK.to.overwrite.existing.file.filename.",
+                "\u786E\u8BA4\u8986\u76D6\u73B0\u6709\u7684\u6587\u4EF6{0}?"},
+        {"Cancel", "\u53D6\u6D88"},
+        {"CodeBase.", "CodeBase:"},
+        {"SignedBy.", "SignedBy:"},
+        {"Add.Principal", "\u6DFB\u52A0\u4E3B\u7528\u6237"},
+        {"Edit.Principal", "\u7F16\u8F91\u4E3B\u7528\u6237"},
+        {"Remove.Principal", "\u5220\u9664\u4E3B\u7528\u6237"},
+        {"Principals.", "\u4E3B\u7528\u6237:"},
+        {".Add.Permission", "  \u6DFB\u52A0\u6743\u9650"},
+        {".Edit.Permission", "  \u7F16\u8F91\u6743\u9650"},
+        {"Remove.Permission", "\u5220\u9664\u6743\u9650"},
+        {"Done", "\u5B8C\u6210"},
+        {"KeyStore.URL.", "KeyStore URL:"},
+        {"KeyStore.Type.", "KeyStore \u7C7B\u578B:"},
+        {"KeyStore.Provider.", "KeyStore \u63D0\u4F9B\u65B9:"},
+        {"KeyStore.Password.URL.", "KeyStore \u53E3\u4EE4 URL:"},
+        {"Principals", "\u4E3B\u7528\u6237"},
+        {".Edit.Principal.", "  \u7F16\u8F91\u4E3B\u7528\u6237:"},
+        {".Add.New.Principal.", "  \u6DFB\u52A0\u65B0\u4E3B\u7528\u6237:"},
+        {"Permissions", "\u6743\u9650"},
+        {".Edit.Permission.", "  \u7F16\u8F91\u6743\u9650:"},
+        {".Add.New.Permission.", "  \u52A0\u5165\u65B0\u7684\u6743\u9650:"},
+        {"Signed.By.", "\u7B7E\u7F72\u4EBA: "},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
+            "\u6CA1\u6709\u901A\u914D\u7B26\u540D\u79F0, \u65E0\u6CD5\u4F7F\u7528\u901A\u914D\u7B26\u7C7B\u6307\u5B9A\u4E3B\u7528\u6237"},
+        {"Cannot.Specify.Principal.without.a.Name",
+            "\u6CA1\u6709\u540D\u79F0, \u65E0\u6CD5\u6307\u5B9A\u4E3B\u7528\u6237"},
+        {"Permission.and.Target.Name.must.have.a.value",
+                "\u6743\u9650\u53CA\u76EE\u6807\u540D\u5FC5\u987B\u6709\u4E00\u4E2A\u503C"},
+        {"Remove.this.Policy.Entry.", "\u662F\u5426\u5220\u9664\u6B64\u7B56\u7565\u6761\u76EE?"},
+        {"Overwrite.File", "\u8986\u76D6\u6587\u4EF6"},
+        {"Policy.successfully.written.to.filename",
+                "\u7B56\u7565\u5DF2\u6210\u529F\u5199\u5165\u5230{0}"},
+        {"null.filename", "\u7A7A\u6587\u4EF6\u540D"},
+        {"Save.changes.", "\u662F\u5426\u4FDD\u5B58\u6240\u505A\u7684\u66F4\u6539?"},
+        {"Yes", "\u662F"},
+        {"No", "\u5426"},
+        {"Policy.Entry", "\u7B56\u7565\u6761\u76EE"},
+        {"Save.Changes", "\u4FDD\u5B58\u66F4\u6539"},
+        {"No.Policy.Entry.selected", "\u6CA1\u6709\u9009\u62E9\u7B56\u7565\u6761\u76EE"},
+        {"Unable.to.open.KeyStore.ex.toString.",
+                "\u65E0\u6CD5\u6253\u5F00 KeyStore: {0}"},
+        {"No.principal.selected", "\u672A\u9009\u62E9\u4E3B\u7528\u6237"},
+        {"No.permission.selected", "\u6CA1\u6709\u9009\u62E9\u6743\u9650"},
+        {"name", "\u540D\u79F0"},
+        {"configuration.type", "\u914D\u7F6E\u7C7B\u578B"},
+        {"environment.variable.name", "\u73AF\u5883\u53D8\u91CF\u540D"},
+        {"library.name", "\u5E93\u540D\u79F0"},
+        {"package.name", "\u7A0B\u5E8F\u5305\u540D\u79F0"},
+        {"policy.type", "\u7B56\u7565\u7C7B\u578B"},
+        {"property.name", "\u5C5E\u6027\u540D\u79F0"},
+        {"provider.name", "\u63D0\u4F9B\u65B9\u540D\u79F0"},
+        {"Principal.List", "\u4E3B\u7528\u6237\u5217\u8868"},
+        {"Permission.List", "\u6743\u9650\u5217\u8868"},
+        {"Code.Base", "\u4EE3\u7801\u5E93"},
+        {"KeyStore.U.R.L.", "KeyStore URL:"},
+        {"KeyStore.Password.U.R.L.", "KeyStore \u53E3\u4EE4 URL:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/Resources_zh_HK.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.policytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the policytool.
+ *
+ */
+public class Resources_zh_HK extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
+                "\u8B66\u544A: \u5225\u540D {0} \u7684\u516C\u958B\u91D1\u9470\u4E0D\u5B58\u5728\u3002\u8ACB\u78BA\u5B9A\u91D1\u9470\u5132\u5B58\u5EAB\u914D\u7F6E\u6B63\u78BA\u3002"},
+        {"Warning.Class.not.found.class", "\u8B66\u544A: \u627E\u4E0D\u5230\u985E\u5225 {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
+                "\u8B66\u544A: \u7121\u6548\u7684\u5EFA\u69CB\u5B50\u5F15\u6578: {0}"},
+        {"Illegal.Principal.Type.type", "\u7121\u6548\u7684 Principal \u985E\u578B: {0}"},
+        {"Illegal.option.option", "\u7121\u6548\u7684\u9078\u9805: {0}"},
+        {"Usage.policytool.options.", "\u7528\u6CD5: policytool [options]"},
+        {".file.file.policy.file.location",
+                "  [-file <file>]    \u539F\u5247\u6A94\u6848\u4F4D\u7F6E"},
+        {"New", "\u65B0\u589E"},
+        {"Open", "\u958B\u555F"},
+        {"Save", "\u5132\u5B58"},
+        {"Save.As", "\u53E6\u5B58\u65B0\u6A94"},
+        {"View.Warning.Log", "\u6AA2\u8996\u8B66\u544A\u8A18\u9304"},
+        {"Exit", "\u7D50\u675F"},
+        {"Add.Policy.Entry", "\u65B0\u589E\u539F\u5247\u9805\u76EE"},
+        {"Edit.Policy.Entry", "\u7DE8\u8F2F\u539F\u5247\u9805\u76EE"},
+        {"Remove.Policy.Entry", "\u79FB\u9664\u539F\u5247\u9805\u76EE"},
+        {"Edit", "\u7DE8\u8F2F"},
+        {"Retain", "\u4FDD\u7559"},
+
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
+            "\u8B66\u544A: \u6A94\u6848\u540D\u7A31\u5305\u542B\u9041\u96E2\u53CD\u659C\u7DDA\u5B57\u5143\u3002\u4E0D\u9700\u8981\u9041\u96E2\u53CD\u659C\u7DDA\u5B57\u5143 (\u64B0\u5BEB\u539F\u5247\u5167\u5BB9\u81F3\u6C38\u4E45\u5B58\u653E\u5340\u6642\u9700\u8981\u5DE5\u5177\u9041\u96E2\u5B57\u5143)\u3002\n\n\u6309\u4E00\u4E0B\u300C\u4FDD\u7559\u300D\u4EE5\u4FDD\u7559\u8F38\u5165\u7684\u540D\u7A31\uFF0C\u6216\u6309\u4E00\u4E0B\u300C\u7DE8\u8F2F\u300D\u4EE5\u7DE8\u8F2F\u540D\u7A31\u3002"},
+
+        {"Add.Public.Key.Alias", "\u65B0\u589E\u516C\u958B\u91D1\u9470\u5225\u540D"},
+        {"Remove.Public.Key.Alias", "\u79FB\u9664\u516C\u958B\u91D1\u9470\u5225\u540D"},
+        {"File", "\u6A94\u6848"},
+        {"KeyStore", "\u91D1\u9470\u5132\u5B58\u5EAB"},
+        {"Policy.File.", "\u539F\u5247\u6A94\u6848: "},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
+                "\u7121\u6CD5\u958B\u555F\u539F\u5247\u6A94\u6848: {0}: {1}"},
+        {"Policy.Tool", "\u539F\u5247\u5DE5\u5177"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
+                "\u958B\u555F\u539F\u5247\u8A18\u7F6E\u6642\u767C\u751F\u932F\u8AA4\u3002\u8ACB\u6AA2\u8996\u8B66\u544A\u8A18\u9304\u4EE5\u53D6\u5F97\u66F4\u591A\u7684\u8CC7\u8A0A"},
+        {"Error", "\u932F\u8AA4"},
+        {"OK", "\u78BA\u5B9A"},
+        {"Status", "\u72C0\u614B"},
+        {"Warning", "\u8B66\u544A"},
+        {"Permission.",
+                "\u6B0A\u9650:                                                       "},
+        {"Principal.Type.", "Principal \u985E\u578B: "},
+        {"Principal.Name.", "Principal \u540D\u7A31: "},
+        {"Target.Name.",
+                "\u76EE\u6A19\u540D\u7A31:                                                    "},
+        {"Actions.",
+                "\u52D5\u4F5C:                                                             "},
+        {"OK.to.overwrite.existing.file.filename.",
+                "\u78BA\u8A8D\u8986\u5BEB\u73FE\u5B58\u7684\u6A94\u6848 {0}\uFF1F"},
+        {"Cancel", "\u53D6\u6D88"},
+        {"CodeBase.", "CodeBase:"},
+        {"SignedBy.", "SignedBy:"},
+        {"Add.Principal", "\u65B0\u589E Principal"},
+        {"Edit.Principal", "\u7DE8\u8F2F Principal"},
+        {"Remove.Principal", "\u79FB\u9664 Principal"},
+        {"Principals.", "Principal:"},
+        {".Add.Permission", "  \u65B0\u589E\u6B0A\u9650"},
+        {".Edit.Permission", "  \u7DE8\u8F2F\u6B0A\u9650"},
+        {"Remove.Permission", "\u79FB\u9664\u6B0A\u9650"},
+        {"Done", "\u5B8C\u6210"},
+        {"KeyStore.URL.", "\u91D1\u9470\u5132\u5B58\u5EAB URL: "},
+        {"KeyStore.Type.", "\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B:"},
+        {"KeyStore.Provider.", "\u91D1\u9470\u5132\u5B58\u5EAB\u63D0\u4F9B\u8005:"},
+        {"KeyStore.Password.URL.", "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC URL: "},
+        {"Principals", "Principal"},
+        {".Edit.Principal.", "  \u7DE8\u8F2F Principal: "},
+        {".Add.New.Principal.", "  \u65B0\u589E Principal: "},
+        {"Permissions", "\u6B0A\u9650"},
+        {".Edit.Permission.", "  \u7DE8\u8F2F\u6B0A\u9650:"},
+        {".Add.New.Permission.", "  \u65B0\u589E\u6B0A\u9650:"},
+        {"Signed.By.", "\u7C3D\u7F72\u4EBA: "},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
+            "\u6C92\u6709\u842C\u7528\u5B57\u5143\u540D\u7A31\uFF0C\u7121\u6CD5\u6307\u5B9A\u542B\u6709\u842C\u7528\u5B57\u5143\u985E\u5225\u7684 Principal"},
+        {"Cannot.Specify.Principal.without.a.Name",
+            "\u6C92\u6709\u540D\u7A31\uFF0C\u7121\u6CD5\u6307\u5B9A Principal"},
+        {"Permission.and.Target.Name.must.have.a.value",
+                "\u6B0A\u9650\u53CA\u76EE\u6A19\u540D\u7A31\u5FC5\u9808\u6709\u4E00\u500B\u503C\u3002"},
+        {"Remove.this.Policy.Entry.", "\u79FB\u9664\u9019\u500B\u539F\u5247\u9805\u76EE\uFF1F"},
+        {"Overwrite.File", "\u8986\u5BEB\u6A94\u6848"},
+        {"Policy.successfully.written.to.filename",
+                "\u539F\u5247\u6210\u529F\u5BEB\u5165\u81F3 {0}"},
+        {"null.filename", "\u7A7A\u503C\u6A94\u540D"},
+        {"Save.changes.", "\u5132\u5B58\u8B8A\u66F4\uFF1F"},
+        {"Yes", "\u662F"},
+        {"No", "\u5426"},
+        {"Policy.Entry", "\u539F\u5247\u9805\u76EE"},
+        {"Save.Changes", "\u5132\u5B58\u8B8A\u66F4"},
+        {"No.Policy.Entry.selected", "\u6C92\u6709\u9078\u53D6\u539F\u5247\u9805\u76EE"},
+        {"Unable.to.open.KeyStore.ex.toString.",
+                "\u7121\u6CD5\u958B\u555F\u91D1\u9470\u5132\u5B58\u5EAB: {0}"},
+        {"No.principal.selected", "\u672A\u9078\u53D6 Principal"},
+        {"No.permission.selected", "\u6C92\u6709\u9078\u53D6\u6B0A\u9650"},
+        {"name", "\u540D\u7A31"},
+        {"configuration.type", "\u7D44\u614B\u985E\u578B"},
+        {"environment.variable.name", "\u74B0\u5883\u8B8A\u6578\u540D\u7A31"},
+        {"library.name", "\u7A0B\u5F0F\u5EAB\u540D\u7A31"},
+        {"package.name", "\u5957\u88DD\u7A0B\u5F0F\u540D\u7A31"},
+        {"policy.type", "\u539F\u5247\u985E\u578B"},
+        {"property.name", "\u5C6C\u6027\u540D\u7A31"},
+        {"provider.name", "\u63D0\u4F9B\u8005\u540D\u7A31"},
+        {"Principal.List", "Principal \u6E05\u55AE"},
+        {"Permission.List", "\u6B0A\u9650\u6E05\u55AE"},
+        {"Code.Base", "\u4EE3\u78BC\u57FA\u6E96"},
+        {"KeyStore.U.R.L.", "\u91D1\u9470\u5132\u5B58\u5EAB URL:"},
+        {"KeyStore.Password.U.R.L.", "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC URL:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/Resources_zh_TW.java	Sun Oct 14 22:58:59 2012 +0100
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.tools.policytool;
+
+/**
+ * <p> This class represents the <code>ResourceBundle</code>
+ * for the policytool.
+ *
+ */
+public class Resources_zh_TW extends java.util.ListResourceBundle {
+
+    private static final Object[][] contents = {
+        {"NEWLINE", "\n"},
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
+                "\u8B66\u544A: \u5225\u540D {0} \u7684\u516C\u958B\u91D1\u9470\u4E0D\u5B58\u5728\u3002\u8ACB\u78BA\u5B9A\u91D1\u9470\u5132\u5B58\u5EAB\u914D\u7F6E\u6B63\u78BA\u3002"},
+        {"Warning.Class.not.found.class", "\u8B66\u544A: \u627E\u4E0D\u5230\u985E\u5225 {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
+                "\u8B66\u544A: \u7121\u6548\u7684\u5EFA\u69CB\u5B50\u5F15\u6578: {0}"},
+        {"Illegal.Principal.Type.type", "\u7121\u6548\u7684 Principal \u985E\u578B: {0}"},
+        {"Illegal.option.option", "\u7121\u6548\u7684\u9078\u9805: {0}"},
+        {"Usage.policytool.options.", "\u7528\u6CD5: policytool [options]"},
+        {".file.file.policy.file.location",
+                "  [-file <file>]    \u539F\u5247\u6A94\u6848\u4F4D\u7F6E"},
+        {"New", "\u65B0\u589E"},
+        {"Open", "\u958B\u555F"},
+        {"Save", "\u5132\u5B58"},
+        {"Save.As", "\u53E6\u5B58\u65B0\u6A94"},
+        {"View.Warning.Log", "\u6AA2\u8996\u8B66\u544A\u8A18\u9304"},
+        {"Exit", "\u7D50\u675F"},
+        {"Add.Policy.Entry", "\u65B0\u589E\u539F\u5247\u9805\u76EE"},
+        {"Edit.Policy.Entry", "\u7DE8\u8F2F\u539F\u5247\u9805\u76EE"},
+        {"Remove.Policy.Entry", "\u79FB\u9664\u539F\u5247\u9805\u76EE"},
+        {"Edit", "\u7DE8\u8F2F"},
+        {"Retain", "\u4FDD\u7559"},
+
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
+            "\u8B66\u544A: \u6A94\u6848\u540D\u7A31\u5305\u542B\u9041\u96E2\u53CD\u659C\u7DDA\u5B57\u5143\u3002\u4E0D\u9700\u8981\u9041\u96E2\u53CD\u659C\u7DDA\u5B57\u5143 (\u64B0\u5BEB\u539F\u5247\u5167\u5BB9\u81F3\u6C38\u4E45\u5B58\u653E\u5340\u6642\u9700\u8981\u5DE5\u5177\u9041\u96E2\u5B57\u5143)\u3002\n\n\u6309\u4E00\u4E0B\u300C\u4FDD\u7559\u300D\u4EE5\u4FDD\u7559\u8F38\u5165\u7684\u540D\u7A31\uFF0C\u6216\u6309\u4E00\u4E0B\u300C\u7DE8\u8F2F\u300D\u4EE5\u7DE8\u8F2F\u540D\u7A31\u3002"},
+
+        {"Add.Public.Key.Alias", "\u65B0\u589E\u516C\u958B\u91D1\u9470\u5225\u540D"},
+        {"Remove.Public.Key.Alias", "\u79FB\u9664\u516C\u958B\u91D1\u9470\u5225\u540D"},
+        {"File", "\u6A94\u6848"},
+        {"KeyStore", "\u91D1\u9470\u5132\u5B58\u5EAB"},
+        {"Policy.File.", "\u539F\u5247\u6A94\u6848: "},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
+                "\u7121\u6CD5\u958B\u555F\u539F\u5247\u6A94\u6848: {0}: {1}"},
+        {"Policy.Tool", "\u539F\u5247\u5DE5\u5177"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
+                "\u958B\u555F\u539F\u5247\u8A18\u7F6E\u6642\u767C\u751F\u932F\u8AA4\u3002\u8ACB\u6AA2\u8996\u8B66\u544A\u8A18\u9304\u4EE5\u53D6\u5F97\u66F4\u591A\u7684\u8CC7\u8A0A"},
+        {"Error", "\u932F\u8AA4"},
+        {"OK", "\u78BA\u5B9A"},
+        {"Status", "\u72C0\u614B"},
+        {"Warning", "\u8B66\u544A"},
+        {"Permission.",
+                "\u6B0A\u9650:                                                       "},
+        {"Principal.Type.", "Principal \u985E\u578B: "},
+        {"Principal.Name.", "Principal \u540D\u7A31: "},
+        {"Target.Name.",
+                "\u76EE\u6A19\u540D\u7A31:                                                    "},
+        {"Actions.",
+                "\u52D5\u4F5C:                                                             "},
+        {"OK.to.overwrite.existing.file.filename.",
+                "\u78BA\u8A8D\u8986\u5BEB\u73FE\u5B58\u7684\u6A94\u6848 {0}\uFF1F"},
+        {"Cancel", "\u53D6\u6D88"},
+        {"CodeBase.", "CodeBase:"},
+        {"SignedBy.", "SignedBy:"},
+        {"Add.Principal", "\u65B0\u589E Principal"},
+        {"Edit.Principal", "\u7DE8\u8F2F Principal"},
+        {"Remove.Principal", "\u79FB\u9664 Principal"},
+        {"Principals.", "Principal:"},
+        {".Add.Permission", "  \u65B0\u589E\u6B0A\u9650"},
+        {".Edit.Permission", "  \u7DE8\u8F2F\u6B0A\u9650"},
+        {"Remove.Permission", "\u79FB\u9664\u6B0A\u9650"},
+        {"Done", "\u5B8C\u6210"},
+        {"KeyStore.URL.", "\u91D1\u9470\u5132\u5B58\u5EAB URL: "},
+        {"KeyStore.Type.", "\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B:"},
+        {"KeyStore.Provider.", "\u91D1\u9470\u5132\u5B58\u5EAB\u63D0\u4F9B\u8005:"},
+        {"KeyStore.Password.URL.", "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC URL: "},
+        {"Principals", "Principal"},
+        {".Edit.Principal.", "  \u7DE8\u8F2F Principal: "},
+        {".Add.New.Principal.", "  \u65B0\u589E Principal: "},
+        {"Permissions", "\u6B0A\u9650"},
+        {".Edit.Permission.", "  \u7DE8\u8F2F\u6B0A\u9650:"},
+        {".Add.New.Permission.", "  \u65B0\u589E\u6B0A\u9650:"},
+        {"Signed.By.", "\u7C3D\u7F72\u4EBA: "},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
+            "\u6C92\u6709\u842C\u7528\u5B57\u5143\u540D\u7A31\uFF0C\u7121\u6CD5\u6307\u5B9A\u542B\u6709\u842C\u7528\u5B57\u5143\u985E\u5225\u7684 Principal"},
+        {"Cannot.Specify.Principal.without.a.Name",
+            "\u6C92\u6709\u540D\u7A31\uFF0C\u7121\u6CD5\u6307\u5B9A Principal"},
+        {"Permission.and.Target.Name.must.have.a.value",
+                "\u6B0A\u9650\u53CA\u76EE\u6A19\u540D\u7A31\u5FC5\u9808\u6709\u4E00\u500B\u503C\u3002"},
+        {"Remove.this.Policy.Entry.", "\u79FB\u9664\u9019\u500B\u539F\u5247\u9805\u76EE\uFF1F"},
+        {"Overwrite.File", "\u8986\u5BEB\u6A94\u6848"},
+        {"Policy.successfully.written.to.filename",
+                "\u539F\u5247\u6210\u529F\u5BEB\u5165\u81F3 {0}"},
+        {"null.filename", "\u7A7A\u503C\u6A94\u540D"},
+        {"Save.changes.", "\u5132\u5B58\u8B8A\u66F4\uFF1F"},
+        {"Yes", "\u662F"},
+        {"No", "\u5426"},
+        {"Policy.Entry", "\u539F\u5247\u9805\u76EE"},
+        {"Save.Changes", "\u5132\u5B58\u8B8A\u66F4"},
+        {"No.Policy.Entry.selected", "\u6C92\u6709\u9078\u53D6\u539F\u5247\u9805\u76EE"},
+        {"Unable.to.open.KeyStore.ex.toString.",
+                "\u7121\u6CD5\u958B\u555F\u91D1\u9470\u5132\u5B58\u5EAB: {0}"},
+        {"No.principal.selected", "\u672A\u9078\u53D6 Principal"},
+        {"No.permission.selected", "\u6C92\u6709\u9078\u53D6\u6B0A\u9650"},
+        {"name", "\u540D\u7A31"},
+        {"configuration.type", "\u7D44\u614B\u985E\u578B"},
+        {"environment.variable.name", "\u74B0\u5883\u8B8A\u6578\u540D\u7A31"},
+        {"library.name", "\u7A0B\u5F0F\u5EAB\u540D\u7A31"},
+        {"package.name", "\u5957\u88DD\u7A0B\u5F0F\u540D\u7A31"},
+        {"policy.type", "\u539F\u5247\u985E\u578B"},
+        {"property.name", "\u5C6C\u6027\u540D\u7A31"},
+        {"provider.name", "\u63D0\u4F9B\u8005\u540D\u7A31"},
+        {"Principal.List", "Principal \u6E05\u55AE"},
+        {"Permission.List", "\u6B0A\u9650\u6E05\u55AE"},
+        {"Code.Base", "\u4EE3\u78BC\u57FA\u6E96"},
+        {"KeyStore.U.R.L.", "\u91D1\u9470\u5132\u5B58\u5EAB URL:"},
+        {"KeyStore.Password.U.R.L.", "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC URL:"}
+    };
+
+
+    /**
+     * Returns the contents of this <code>ResourceBundle</code>.
+     *
+     * <p>
+     *
+     * @return the contents of this <code>ResourceBundle</code>.
+     */
+    @Override
+    public Object[][] getContents() {
+        return contents;
+    }
+}
--- a/jdk/src/share/classes/sun/security/util/Resources.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/util/Resources.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,513 +34,6 @@
 
     private static final Object[][] contents = {
 
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-        // shared (from keytool)
-        {"NEWLINE", "\n"},
-        {"STAR",
-                "*******************************************"},
-        {"STARNN",
-                "*******************************************\n\n"},
-
-        // keytool: Help part
-        {".OPTION.", " [OPTION]..."},
-        {"Options.", "Options:"},
-        {"Use.keytool.help.for.all.available.commands",
-                 "Use \"keytool -help\" for all available commands"},
-        {"Key.and.Certificate.Management.Tool",
-                 "Key and Certificate Management Tool"},
-        {"Commands.", "Commands:"},
-        {"Use.keytool.command.name.help.for.usage.of.command.name",
-                "Use \"keytool -command_name -help\" for usage of command_name"},
-        // keytool: help: commands
-        {"Generates.a.certificate.request",
-                "Generates a certificate request"}, //-certreq
-        {"Changes.an.entry.s.alias",
-                "Changes an entry's alias"}, //-changealias
-        {"Deletes.an.entry",
-                "Deletes an entry"}, //-delete
-        {"Exports.certificate",
-                "Exports certificate"}, //-exportcert
-        {"Generates.a.key.pair",
-                "Generates a key pair"}, //-genkeypair
-        {"Generates.a.secret.key",
-                "Generates a secret key"}, //-genseckey
-        {"Generates.certificate.from.a.certificate.request",
-                "Generates certificate from a certificate request"}, //-gencert
-        {"Generates.CRL", "Generates CRL"}, //-gencrl
-        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
-                "Imports entries from a JDK 1.1.x-style identity database"}, //-identitydb
-        {"Imports.a.certificate.or.a.certificate.chain",
-                "Imports a certificate or a certificate chain"}, //-importcert
-        {"Imports.one.or.all.entries.from.another.keystore",
-                "Imports one or all entries from another keystore"}, //-importkeystore
-        {"Clones.a.key.entry",
-                "Clones a key entry"}, //-keyclone
-        {"Changes.the.key.password.of.an.entry",
-                "Changes the key password of an entry"}, //-keypasswd
-        {"Lists.entries.in.a.keystore",
-                "Lists entries in a keystore"}, //-list
-        {"Prints.the.content.of.a.certificate",
-                "Prints the content of a certificate"}, //-printcert
-        {"Prints.the.content.of.a.certificate.request",
-                "Prints the content of a certificate request"}, //-printcertreq
-        {"Prints.the.content.of.a.CRL.file",
-                "Prints the content of a CRL file"}, //-printcrl
-        {"Generates.a.self.signed.certificate",
-                "Generates a self-signed certificate"}, //-selfcert
-        {"Changes.the.store.password.of.a.keystore",
-                "Changes the store password of a keystore"}, //-storepasswd
-        // keytool: help: options
-        {"alias.name.of.the.entry.to.process",
-                "alias name of the entry to process"}, //-alias
-        {"destination.alias",
-                "destination alias"}, //-destalias
-        {"destination.key.password",
-                "destination key password"}, //-destkeypass
-        {"destination.keystore.name",
-                "destination keystore name"}, //-destkeystore
-        {"destination.keystore.password.protected",
-                "destination keystore password protected"}, //-destprotected
-        {"destination.keystore.provider.name",
-                "destination keystore provider name"}, //-destprovidername
-        {"destination.keystore.password",
-                "destination keystore password"}, //-deststorepass
-        {"destination.keystore.type",
-                "destination keystore type"}, //-deststoretype
-        {"distinguished.name",
-                "distinguished name"}, //-dname
-        {"X.509.extension",
-                "X.509 extension"}, //-ext
-        {"output.file.name",
-                "output file name"}, //-file and -outfile
-        {"input.file.name",
-                "input file name"}, //-file and -infile
-        {"key.algorithm.name",
-                "key algorithm name"}, //-keyalg
-        {"key.password",
-                "key password"}, //-keypass
-        {"key.bit.size",
-                "key bit size"}, //-keysize
-        {"keystore.name",
-                "keystore name"}, //-keystore
-        {"new.password",
-                "new password"}, //-new
-        {"do.not.prompt",
-                "do not prompt"}, //-noprompt
-        {"password.through.protected.mechanism",
-                "password through protected mechanism"}, //-protected
-        {"provider.argument",
-                "provider argument"}, //-providerarg
-        {"provider.class.name",
-                "provider class name"}, //-providerclass
-        {"provider.name",
-                "provider name"}, //-providername
-        {"provider.classpath",
-                "provider classpath"}, //-providerpath
-        {"output.in.RFC.style",
-                "output in RFC style"}, //-rfc
-        {"signature.algorithm.name",
-                "signature algorithm name"}, //-sigalg
-        {"source.alias",
-                "source alias"}, //-srcalias
-        {"source.key.password",
-                "source key password"}, //-srckeypass
-        {"source.keystore.name",
-                "source keystore name"}, //-srckeystore
-        {"source.keystore.password.protected",
-                "source keystore password protected"}, //-srcprotected
-        {"source.keystore.provider.name",
-                "source keystore provider name"}, //-srcprovidername
-        {"source.keystore.password",
-                "source keystore password"}, //-srcstorepass
-        {"source.keystore.type",
-                "source keystore type"}, //-srcstoretype
-        {"SSL.server.host.and.port",
-                "SSL server host and port"}, //-sslserver
-        {"signed.jar.file",
-                "signed jar file"}, //=jarfile
-        {"certificate.validity.start.date.time",
-                "certificate validity start date/time"}, //-startdate
-        {"keystore.password",
-                "keystore password"}, //-storepass
-        {"keystore.type",
-                "keystore type"}, //-storetype
-        {"trust.certificates.from.cacerts",
-                "trust certificates from cacerts"}, //-trustcacerts
-        {"verbose.output",
-                "verbose output"}, //-v
-        {"validity.number.of.days",
-                "validity number of days"}, //-validity
-        {"Serial.ID.of.cert.to.revoke",
-                 "Serial ID of cert to revoke"}, //-id
-        // keytool: Running part
-        {"keytool.error.", "keytool error: "},
-        {"Illegal.option.", "Illegal option:  "},
-        {"Illegal.value.", "Illegal value: "},
-        {"Unknown.password.type.", "Unknown password type: "},
-        {"Cannot.find.environment.variable.",
-                "Cannot find environment variable: "},
-        {"Cannot.find.file.", "Cannot find file: "},
-        {"Command.option.flag.needs.an.argument.", "Command option {0} needs an argument."},
-        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
-                "Warning:  Different store and key passwords not supported for PKCS12 KeyStores. Ignoring user-specified {0} value."},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "-keystore must be NONE if -storetype is {0}"},
-        {"Too.many.retries.program.terminated",
-                 "Too many retries, program terminated"},
-        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
-                "-storepasswd and -keypasswd commands not supported if -storetype is {0}"},
-        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
-                "-keypasswd commands not supported if -storetype is PKCS12"},
-        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
-                "-keypass and -new can not be specified if -storetype is {0}"},
-        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
-                "if -protected is specified, then -storepass, -keypass, and -new must not be specified"},
-        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "if -srcprotected is specified, then -srcstorepass and -srckeypass must not be specified"},
-        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
-                "if keystore is not password protected, then -storepass, -keypass, and -new must not be specified"},
-        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "if source keystore is not password protected, then -srcstorepass and -srckeypass must not be specified"},
-        {"Illegal.startdate.value", "Illegal startdate value"},
-        {"Validity.must.be.greater.than.zero",
-                "Validity must be greater than zero"},
-        {"provName.not.a.provider", "{0} not a provider"},
-        {"Usage.error.no.command.provided", "Usage error: no command provided"},
-        {"Source.keystore.file.exists.but.is.empty.", "Source keystore file exists, but is empty: "},
-        {"Please.specify.srckeystore", "Please specify -srckeystore"},
-        {"Must.not.specify.both.v.and.rfc.with.list.command",
-                "Must not specify both -v and -rfc with 'list' command"},
-        {"Key.password.must.be.at.least.6.characters",
-                "Key password must be at least 6 characters"},
-        {"New.password.must.be.at.least.6.characters",
-                "New password must be at least 6 characters"},
-        {"Keystore.file.exists.but.is.empty.",
-                "Keystore file exists, but is empty: "},
-        {"Keystore.file.does.not.exist.",
-                "Keystore file does not exist: "},
-        {"Must.specify.destination.alias", "Must specify destination alias"},
-        {"Must.specify.alias", "Must specify alias"},
-        {"Keystore.password.must.be.at.least.6.characters",
-                "Keystore password must be at least 6 characters"},
-        {"Enter.keystore.password.", "Enter keystore password:  "},
-        {"Enter.source.keystore.password.", "Enter source keystore password:  "},
-        {"Enter.destination.keystore.password.", "Enter destination keystore password:  "},
-        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
-         "Keystore password is too short - must be at least 6 characters"},
-        {"Unknown.Entry.Type", "Unknown Entry Type"},
-        {"Too.many.failures.Alias.not.changed", "Too many failures. Alias not changed"},
-        {"Entry.for.alias.alias.successfully.imported.",
-                 "Entry for alias {0} successfully imported."},
-        {"Entry.for.alias.alias.not.imported.", "Entry for alias {0} not imported."},
-        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
-                 "Problem importing entry for alias {0}: {1}.\nEntry for alias {0} not imported."},
-        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
-                 "Import command completed:  {0} entries successfully imported, {1} entries failed or cancelled"},
-        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
-                 "Warning: Overwriting existing alias {0} in destination keystore"},
-        {"Existing.entry.alias.alias.exists.overwrite.no.",
-                 "Existing entry alias {0} exists, overwrite? [no]:  "},
-        {"Too.many.failures.try.later", "Too many failures - try later"},
-        {"Certification.request.stored.in.file.filename.",
-                "Certification request stored in file <{0}>"},
-        {"Submit.this.to.your.CA", "Submit this to your CA"},
-        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
-            "if alias not specified, destalias, srckeypass, and destkeypass must not be specified"},
-        {"Certificate.stored.in.file.filename.",
-                "Certificate stored in file <{0}>"},
-        {"Certificate.reply.was.installed.in.keystore",
-                "Certificate reply was installed in keystore"},
-        {"Certificate.reply.was.not.installed.in.keystore",
-                "Certificate reply was not installed in keystore"},
-        {"Certificate.was.added.to.keystore",
-                "Certificate was added to keystore"},
-        {"Certificate.was.not.added.to.keystore",
-                "Certificate was not added to keystore"},
-        {".Storing.ksfname.", "[Storing {0}]"},
-        {"alias.has.no.public.key.certificate.",
-                "{0} has no public key (certificate)"},
-        {"Cannot.derive.signature.algorithm",
-                "Cannot derive signature algorithm"},
-        {"Alias.alias.does.not.exist",
-                "Alias <{0}> does not exist"},
-        {"Alias.alias.has.no.certificate",
-                "Alias <{0}> has no certificate"},
-        {"Key.pair.not.generated.alias.alias.already.exists",
-                "Key pair not generated, alias <{0}> already exists"},
-        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
-                "Generating {0} bit {1} key pair and self-signed certificate ({2}) with a validity of {3} days\n\tfor: {4}"},
-        {"Enter.key.password.for.alias.", "Enter key password for <{0}>"},
-        {".RETURN.if.same.as.keystore.password.",
-                "\t(RETURN if same as keystore password):  "},
-        {"Key.password.is.too.short.must.be.at.least.6.characters",
-                "Key password is too short - must be at least 6 characters"},
-        {"Too.many.failures.key.not.added.to.keystore",
-                "Too many failures - key not added to keystore"},
-        {"Destination.alias.dest.already.exists",
-                "Destination alias <{0}> already exists"},
-        {"Password.is.too.short.must.be.at.least.6.characters",
-                "Password is too short - must be at least 6 characters"},
-        {"Too.many.failures.Key.entry.not.cloned",
-                "Too many failures. Key entry not cloned"},
-        {"key.password.for.alias.", "key password for <{0}>"},
-        {"Keystore.entry.for.id.getName.already.exists",
-                "Keystore entry for <{0}> already exists"},
-        {"Creating.keystore.entry.for.id.getName.",
-                "Creating keystore entry for <{0}> ..."},
-        {"No.entries.from.identity.database.added",
-                "No entries from identity database added"},
-        {"Alias.name.alias", "Alias name: {0}"},
-        {"Creation.date.keyStore.getCreationDate.alias.",
-                "Creation date: {0,date}"},
-        {"alias.keyStore.getCreationDate.alias.",
-                "{0}, {1,date}, "},
-        {"alias.", "{0}, "},
-        {"Entry.type.type.", "Entry type: {0}"},
-        {"Certificate.chain.length.", "Certificate chain length: "},
-        {"Certificate.i.1.", "Certificate[{0,number,integer}]:"},
-        {"Certificate.fingerprint.SHA1.", "Certificate fingerprint (SHA1): "},
-        {"Keystore.type.", "Keystore type: "},
-        {"Keystore.provider.", "Keystore provider: "},
-        {"Your.keystore.contains.keyStore.size.entry",
-                "Your keystore contains {0,number,integer} entry"},
-        {"Your.keystore.contains.keyStore.size.entries",
-                "Your keystore contains {0,number,integer} entries"},
-        {"Failed.to.parse.input", "Failed to parse input"},
-        {"Empty.input", "Empty input"},
-        {"Not.X.509.certificate", "Not X.509 certificate"},
-        {"alias.has.no.public.key", "{0} has no public key"},
-        {"alias.has.no.X.509.certificate", "{0} has no X.509 certificate"},
-        {"New.certificate.self.signed.", "New certificate (self-signed):"},
-        {"Reply.has.no.certificates", "Reply has no certificates"},
-        {"Certificate.not.imported.alias.alias.already.exists",
-                "Certificate not imported, alias <{0}> already exists"},
-        {"Input.not.an.X.509.certificate", "Input not an X.509 certificate"},
-        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
-                "Certificate already exists in keystore under alias <{0}>"},
-        {"Do.you.still.want.to.add.it.no.",
-                "Do you still want to add it? [no]:  "},
-        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
-                "Certificate already exists in system-wide CA keystore under alias <{0}>"},
-        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
-                "Do you still want to add it to your own keystore? [no]:  "},
-        {"Trust.this.certificate.no.", "Trust this certificate? [no]:  "},
-        {"YES", "YES"},
-        {"New.prompt.", "New {0}: "},
-        {"Passwords.must.differ", "Passwords must differ"},
-        {"Re.enter.new.prompt.", "Re-enter new {0}: "},
-        {"Re.enter.new.password.", "Re-enter new password: "},
-        {"They.don.t.match.Try.again", "They don't match. Try again"},
-        {"Enter.prompt.alias.name.", "Enter {0} alias name:  "},
-        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
-                 "Enter new alias name\t(RETURN to cancel import for this entry):  "},
-        {"Enter.alias.name.", "Enter alias name:  "},
-        {".RETURN.if.same.as.for.otherAlias.",
-                "\t(RETURN if same as for <{0}>)"},
-        {".PATTERN.printX509Cert",
-                "Owner: {0}\nIssuer: {1}\nSerial number: {2}\nValid from: {3} until: {4}\nCertificate fingerprints:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Signature algorithm name: {8}\n\t Version: {9}"},
-        {"What.is.your.first.and.last.name.",
-                "What is your first and last name?"},
-        {"What.is.the.name.of.your.organizational.unit.",
-                "What is the name of your organizational unit?"},
-        {"What.is.the.name.of.your.organization.",
-                "What is the name of your organization?"},
-        {"What.is.the.name.of.your.City.or.Locality.",
-                "What is the name of your City or Locality?"},
-        {"What.is.the.name.of.your.State.or.Province.",
-                "What is the name of your State or Province?"},
-        {"What.is.the.two.letter.country.code.for.this.unit.",
-                "What is the two-letter country code for this unit?"},
-        {"Is.name.correct.", "Is {0} correct?"},
-        {"no", "no"},
-        {"yes", "yes"},
-        {"y", "y"},
-        {".defaultValue.", "  [{0}]:  "},
-        {"Alias.alias.has.no.key",
-                "Alias <{0}> has no key"},
-        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
-                 "Alias <{0}> references an entry type that is not a private key entry.  The -keyclone command only supports cloning of private key entries"},
-
-        {".WARNING.WARNING.WARNING.",
-            "*****************  WARNING WARNING WARNING  *****************"},
-        {"Signer.d.", "Signer #%d:"},
-        {"Timestamp.", "Timestamp:"},
-        {"Signature.", "Signature:"},
-        {"CRLs.", "CRLs:"},
-        {"Certificate.owner.", "Certificate owner: "},
-        {"Not.a.signed.jar.file", "Not a signed jar file"},
-        {"No.certificate.from.the.SSL.server",
-                "No certificate from the SSL server"},
-
-        {".The.integrity.of.the.information.stored.in.your.keystore.",
-            "* The integrity of the information stored in your keystore  *\n" +
-            "* has NOT been verified!  In order to verify its integrity, *\n" +
-            "* you must provide your keystore password.                  *"},
-        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
-            "* The integrity of the information stored in the srckeystore*\n" +
-            "* has NOT been verified!  In order to verify its integrity, *\n" +
-            "* you must provide the srckeystore password.                *"},
-
-        {"Certificate.reply.does.not.contain.public.key.for.alias.",
-                "Certificate reply does not contain public key for <{0}>"},
-        {"Incomplete.certificate.chain.in.reply",
-                "Incomplete certificate chain in reply"},
-        {"Certificate.chain.in.reply.does.not.verify.",
-                "Certificate chain in reply does not verify: "},
-        {"Top.level.certificate.in.reply.",
-                "Top-level certificate in reply:\n"},
-        {".is.not.trusted.", "... is not trusted. "},
-        {"Install.reply.anyway.no.", "Install reply anyway? [no]:  "},
-        {"NO", "NO"},
-        {"Public.keys.in.reply.and.keystore.don.t.match",
-                "Public keys in reply and keystore don't match"},
-        {"Certificate.reply.and.certificate.in.keystore.are.identical",
-                "Certificate reply and certificate in keystore are identical"},
-        {"Failed.to.establish.chain.from.reply",
-                "Failed to establish chain from reply"},
-        {"n", "n"},
-        {"Wrong.answer.try.again", "Wrong answer, try again"},
-        {"Secret.key.not.generated.alias.alias.already.exists",
-                "Secret Key not generated, alias <{0}> already exists"},
-        {"Please.provide.keysize.for.secret.key.generation",
-                "Please provide -keysize for secret key generation"},
-
-        {"verified.by.s.in.s", "Verified by %s in %s"},
-        {"warning.not.verified.make.sure.keystore.is.correct",
-            "WARNING: not verified. Make sure -keystore is correct."},
-
-        {"Extensions.", "Extensions: "},
-        {".Empty.value.", "(Empty value)"},
-        {"Extension.Request.", "Extension Request:"},
-        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
-                "PKCS #10 Certificate Request (Version 1.0)\n" +
-                "Subject: %s\nPublic Key: %s format %s key\n"},
-        {"Unknown.keyUsage.type.", "Unknown keyUsage type: "},
-        {"Unknown.extendedkeyUsage.type.", "Unknown extendedkeyUsage type: "},
-        {"Unknown.AccessDescription.type.", "Unknown AccessDescription type: "},
-        {"Unrecognized.GeneralName.type.", "Unrecognized GeneralName type: "},
-        {"This.extension.cannot.be.marked.as.critical.",
-                 "This extension cannot be marked as critical. "},
-        {"Odd.number.of.hex.digits.found.", "Odd number of hex digits found: "},
-        {"Unknown.extension.type.", "Unknown extension type: "},
-        {"command.{0}.is.ambiguous.", "command {0} is ambiguous:"},
-
-        // policytool
-        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
-                "Warning: A public key for alias {0} does not exist.  Make sure a KeyStore is properly configured."},
-        {"Warning.Class.not.found.class", "Warning: Class not found: {0}"},
-        {"Warning.Invalid.argument.s.for.constructor.arg",
-                "Warning: Invalid argument(s) for constructor: {0}"},
-        {"Illegal.Principal.Type.type", "Illegal Principal Type: {0}"},
-        {"Illegal.option.option", "Illegal option: {0}"},
-        {"Usage.policytool.options.", "Usage: policytool [options]"},
-        {".file.file.policy.file.location",
-                "  [-file <file>]    policy file location"},
-        {"New", "New"},
-        {"Open", "Open"},
-        {"Save", "Save"},
-        {"Save.As", "Save As"},
-        {"View.Warning.Log", "View Warning Log"},
-        {"Exit", "Exit"},
-        {"Add.Policy.Entry", "Add Policy Entry"},
-        {"Edit.Policy.Entry", "Edit Policy Entry"},
-        {"Remove.Policy.Entry", "Remove Policy Entry"},
-        {"Edit", "Edit"},
-        {"Retain", "Retain"},
-
-        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
-            "Warning: File name may include escaped backslash characters. " +
-                        "It is not necessary to escape backslash characters " +
-                        "(the tool escapes characters as necessary when writing " +
-                        "the policy contents to the persistent store).\n\n" +
-                        "Click on Retain to retain the entered name, or click on " +
-                        "Edit to edit the name."},
-
-        {"Add.Public.Key.Alias", "Add Public Key Alias"},
-        {"Remove.Public.Key.Alias", "Remove Public Key Alias"},
-        {"File", "File"},
-        {"KeyStore", "KeyStore"},
-        {"Policy.File.", "Policy File:"},
-        {"Could.not.open.policy.file.policyFile.e.toString.",
-                "Could not open policy file: {0}: {1}"},
-        {"Policy.Tool", "Policy Tool"},
-        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
-                "Errors have occurred while opening the policy configuration.  View the Warning Log for more information."},
-        {"Error", "Error"},
-        {"OK", "OK"},
-        {"Status", "Status"},
-        {"Warning", "Warning"},
-        {"Permission.",
-                "Permission:                                                       "},
-        {"Principal.Type.", "Principal Type:"},
-        {"Principal.Name.", "Principal Name:"},
-        {"Target.Name.",
-                "Target Name:                                                    "},
-        {"Actions.",
-                "Actions:                                                             "},
-        {"OK.to.overwrite.existing.file.filename.",
-                "OK to overwrite existing file {0}?"},
-        {"Cancel", "Cancel"},
-        {"CodeBase.", "CodeBase:"},
-        {"SignedBy.", "SignedBy:"},
-        {"Add.Principal", "Add Principal"},
-        {"Edit.Principal", "Edit Principal"},
-        {"Remove.Principal", "Remove Principal"},
-        {"Principals.", "Principals:"},
-        {".Add.Permission", "  Add Permission"},
-        {".Edit.Permission", "  Edit Permission"},
-        {"Remove.Permission", "Remove Permission"},
-        {"Done", "Done"},
-        {"KeyStore.URL.", "KeyStore URL:"},
-        {"KeyStore.Type.", "KeyStore Type:"},
-        {"KeyStore.Provider.", "KeyStore Provider:"},
-        {"KeyStore.Password.URL.", "KeyStore Password URL:"},
-        {"Principals", "Principals"},
-        {".Edit.Principal.", "  Edit Principal:"},
-        {".Add.New.Principal.", "  Add New Principal:"},
-        {"Permissions", "Permissions"},
-        {".Edit.Permission.", "  Edit Permission:"},
-        {".Add.New.Permission.", "  Add New Permission:"},
-        {"Signed.By.", "Signed By:"},
-        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
-            "Cannot Specify Principal with a Wildcard Class without a Wildcard Name"},
-        {"Cannot.Specify.Principal.without.a.Name",
-            "Cannot Specify Principal without a Name"},
-        {"Permission.and.Target.Name.must.have.a.value",
-                "Permission and Target Name must have a value"},
-        {"Remove.this.Policy.Entry.", "Remove this Policy Entry?"},
-        {"Overwrite.File", "Overwrite File"},
-        {"Policy.successfully.written.to.filename",
-                "Policy successfully written to {0}"},
-        {"null.filename", "null filename"},
-        {"Save.changes.", "Save changes?"},
-        {"Yes", "Yes"},
-        {"No", "No"},
-        {"Policy.Entry", "Policy Entry"},
-        {"Save.Changes", "Save Changes"},
-        {"No.Policy.Entry.selected", "No Policy Entry selected"},
-        {"Unable.to.open.KeyStore.ex.toString.",
-                "Unable to open KeyStore: {0}"},
-        {"No.principal.selected", "No principal selected"},
-        {"No.permission.selected", "No permission selected"},
-        {"name", "name"},
-        {"configuration.type", "configuration type"},
-        {"environment.variable.name", "environment variable name"},
-        {"library.name", "library name"},
-        {"package.name", "package name"},
-        {"policy.type", "policy type"},
-        {"property.name", "property name"},
-        {"Principal.List", "Principal List"},
-        {"Permission.List", "Permission List"},
-        {"Code.Base", "Code Base"},
-        {"KeyStore.U.R.L.", "KeyStore U R L:"},
-        {"KeyStore.Password.U.R.L.", "KeyStore Password U R L:"},
-
-
         // javax.security.auth.PrivateCredentialPermission
         {"invalid.null.input.s.", "invalid null input(s)"},
         {"actions.can.only.be.read.", "actions can only be 'read'"},
@@ -565,6 +58,7 @@
         {"provided.null.OID.map", "provided null OID map"},
 
         // javax.security.auth.Subject
+        {"NEWLINE", "\n"},
         {"invalid.null.AccessControlContext.provided",
                 "invalid null AccessControlContext provided"},
         {"invalid.null.action.provided", "invalid null action provided"},
@@ -668,6 +162,7 @@
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }
--- a/jdk/src/share/classes/sun/security/util/Resources_de.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/util/Resources_de.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,501 +34,6 @@
 
     private static final Object[][] contents = {
 
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-        // shared (from keytool)
-        {"NEWLINE", "\n"},
-        {"STAR",
-                "*******************************************"},
-        {"STARNN",
-                "*******************************************\n\n"},
-
-        // keytool: Help part
-// "Option" should be translated.
-        {".OPTION.", " [Option]..."},
-        {"Options.", "Optionen:"},
-        {"Use.keytool.help.for.all.available.commands",
-                 "\"keytool -help\" f\u00FCr alle verf\u00FCgbaren Befehle verwenden"},
-        {"Key.and.Certificate.Management.Tool",
-                 "Schl\u00FCssel- und Zertifikatsverwaltungstool"},
-        {"Commands.", "Befehle:"},
-        {"Use.keytool.command.name.help.for.usage.of.command.name",
-                "\"keytool -command_name -help\" f\u00FCr Verwendung von command_name verwenden"},
-        // keytool: help: commands
-        {"Generates.a.certificate.request",
-                "Generiert eine Zertifikatanforderung"}, //-certreq
-        {"Changes.an.entry.s.alias",
-                "\u00C4ndert den Alias eines Eintrags"}, //-changealias
-        {"Deletes.an.entry",
-                "L\u00F6scht einen Eintrag"}, //-delete
-        {"Exports.certificate",
-                "Exportiert ein Zertifikat"}, //-exportcert
-        {"Generates.a.key.pair",
-                "Generiert ein Schl\u00FCsselpaar"}, //-genkeypair
-// translation of "secret" key should be different to "private" key.
-        {"Generates.a.secret.key",
-                "Generiert einen Secret Key"}, //-genseckey
-        {"Generates.certificate.from.a.certificate.request",
-                "Generiert ein Zertifikat aus einer Zertifikatanforderung"}, //-gencert
-        {"Generates.CRL", "Generiert eine CRL"}, //-gencrl
-        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
-                "Importiert Eintr\u00E4ge aus einer Identity-Datenbank im JDK 1.1.x-Stil"}, //-identitydb
-        {"Imports.a.certificate.or.a.certificate.chain",
-                "Importiert ein Zertifikat oder eine Zertifikatkette"}, //-importcert
-        {"Imports.one.or.all.entries.from.another.keystore",
-                "Importiert einen oder alle Eintr\u00E4ge aus einem anderen Keystore"}, //-importkeystore
-        {"Clones.a.key.entry",
-                "Clont einen Schl\u00FCsseleintrag"}, //-keyclone
-        {"Changes.the.key.password.of.an.entry",
-                "\u00C4ndert das Schl\u00FCsselkennwort eines Eintrags"}, //-keypasswd
-        {"Lists.entries.in.a.keystore",
-                "Listet die Eintr\u00E4ge in einem Keystore auf"}, //-list
-        {"Prints.the.content.of.a.certificate",
-                "Druckt den Content eines Zertifikats"}, //-printcert
-        {"Prints.the.content.of.a.certificate.request",
-                "Druckt den Content einer Zertifikatanforderung"}, //-printcertreq
-        {"Prints.the.content.of.a.CRL.file",
-                "Druckt den Content einer CRL-Datei"}, //-printcrl
-        {"Generates.a.self.signed.certificate",
-                "Generiert ein selbst signiertes Zertifikat"}, //-selfcert
-        {"Changes.the.store.password.of.a.keystore",
-                "\u00C4ndert das Speicherkennwort eines Keystores"}, //-storepasswd
-        // keytool: help: options
-        {"alias.name.of.the.entry.to.process",
-                "Aliasname des zu verarbeitenden Eintrags"}, //-alias
-        {"destination.alias",
-                "Zielalias"}, //-destalias
-        {"destination.key.password",
-                "Zielschl\u00FCssel-Kennwort"}, //-destkeypass
-        {"destination.keystore.name",
-                "Ziel-Keystore-Name"}, //-destkeystore
-        {"destination.keystore.password.protected",
-                "Ziel-Keystore kennwortgesch\u00FCtzt"}, //-destprotected
-        {"destination.keystore.provider.name",
-                "Ziel-Keystore-Providername"}, //-destprovidername
-        {"destination.keystore.password",
-                "Ziel-Keystore-Kennwort"}, //-deststorepass
-        {"destination.keystore.type",
-                "Ziel-Keystore-Typ"}, //-deststoretype
-        {"distinguished.name",
-                "Distinguished Name"}, //-dname
-        {"X.509.extension",
-                "X.509-Erweiterung"}, //-ext
-        {"output.file.name",
-                "Ausgabedateiname"}, //-file and -outfile
-        {"input.file.name",
-                "Eingabedateiname"}, //-file and -infile
-        {"key.algorithm.name",
-                "Schl\u00FCsselalgorithmusname"}, //-keyalg
-        {"key.password",
-                "Schl\u00FCsselkennwort"}, //-keypass
-        {"key.bit.size",
-                "Schl\u00FCsselbitgr\u00F6\u00DFe"}, //-keysize
-        {"keystore.name",
-                "Keystore-Name"}, //-keystore
-        {"new.password",
-                "Neues Kennwort"}, //-new
-        {"do.not.prompt",
-                "Kein Prompt"}, //-noprompt
-        {"password.through.protected.mechanism",
-                "Kennwort \u00FCber gesch\u00FCtzten Mechanismus"}, //-protected
-        {"provider.argument",
-                "Providerargument"}, //-providerarg
-        {"provider.class.name",
-                "Providerklassenname"}, //-providerclass
-        {"provider.name",
-                "Providername"}, //-providername
-        {"provider.classpath",
-                "Provider-Classpath"}, //-providerpath
-        {"output.in.RFC.style",
-                "Ausgabe in RFC-Stil"}, //-rfc
-        {"signature.algorithm.name",
-                "Signaturalgorithmusname"}, //-sigalg
-        {"source.alias",
-                "Quellalias"}, //-srcalias
-        {"source.key.password",
-                "Quellschl\u00FCssel-Kennwort"}, //-srckeypass
-        {"source.keystore.name",
-                "Quell-Keystore-Name"}, //-srckeystore
-        {"source.keystore.password.protected",
-                "Quell-Keystore kennwortgesch\u00FCtzt"}, //-srcprotected
-        {"source.keystore.provider.name",
-                "Quell-Keystore-Providername"}, //-srcprovidername
-        {"source.keystore.password",
-                "Quell-Keystore-Kennwort"}, //-srcstorepass
-        {"source.keystore.type",
-                "Quell-Keystore-Typ"}, //-srcstoretype
-        {"SSL.server.host.and.port",
-                "SSL-Serverhost und -port"}, //-sslserver
-        {"signed.jar.file",
-                "Signierte JAR-Datei"}, //=jarfile
-        {"certificate.validity.start.date.time",
-                "Anfangsdatum/-zeit f\u00FCr Zertifikatsg\u00FCltigkeit"}, //-startdate
-        {"keystore.password",
-                "Keystore-Kennwort"}, //-storepass
-        {"keystore.type",
-                "Keystore-Typ"}, //-storetype
-        {"trust.certificates.from.cacerts",
-                "Zertifikaten aus cacerts vertrauen"}, //-trustcacerts
-        {"verbose.output",
-                "Verbose-Ausgabe"}, //-v
-        {"validity.number.of.days",
-                "G\u00FCltigkeitsdauer (Tage)"}, //-validity
-        {"Serial.ID.of.cert.to.revoke",
-                 "Serielle ID des zu entziehenden Certs"}, //-id
-        // keytool: Running part
-        {"keytool.error.", "Keytool-Fehler: "},
-        {"Illegal.option.", "Ung\u00FCltige Option:  "},
-        {"Illegal.value.", "Ung\u00FCltiger Wert: "},
-        {"Unknown.password.type.", "Unbekannter Kennworttyp: "},
-        {"Cannot.find.environment.variable.",
-                "Umgebungsvariable kann nicht gefunden werden: "},
-        {"Cannot.find.file.", "Datei kann nicht gefunden werden: "},
-        {"Command.option.flag.needs.an.argument.", "Befehlsoption {0} ben\u00F6tigt ein Argument."},
-        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
-                "Warnung: Keine Unterst\u00FCtzung f\u00FCr unterschiedliche Speicher- und Schl\u00FCsselkennw\u00F6rter bei PKCS12 KeyStores. Der benutzerdefinierte Wert {0} wird ignoriert."},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "-keystore muss NONE sein, wenn -storetype {0} ist"},
-        {"Too.many.retries.program.terminated",
-                 "Zu viele erneute Versuche. Programm wird beendet"},
-        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
-                "Befehle -storepasswd und -keypasswd werden nicht unterst\u00FCtzt, wenn -storetype {0} ist"},
-        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
-                "Befehle des Typs -keypasswd werden nicht unterst\u00FCtzt, wenn -storetype PKCS12 ist"},
-        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
-                "-keypass und -new k\u00F6nnen nicht angegeben werden, wenn -storetype {0} ist"},
-        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
-                "Wenn -protected angegeben ist, d\u00FCrfen -storepass, -keypass und -new nicht angegeben werden"},
-        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "Wenn -srcprotected angegeben ist, d\u00FCrfen -srcstorepass und -srckeypass nicht angegeben werden"},
-        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
-                "Wenn der Keystore nicht kennwortgesch\u00FCtzt ist, d\u00FCrfen -storepass, -keypass und -new nicht angegeben werden"},
-        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "Wenn der Quell-Keystore nicht kennwortgesch\u00FCtzt ist, d\u00FCrfen -srcstorepass und -srckeypass nicht angegeben werden"},
-        {"Illegal.startdate.value", "Ung\u00FCltiger Wert f\u00FCr Anfangsdatum"},
-        {"Validity.must.be.greater.than.zero",
-                "G\u00FCltigkeit muss gr\u00F6\u00DFer als null sein"},
-        {"provName.not.a.provider", "{0} kein Provider"},
-        {"Usage.error.no.command.provided", "Verwendungsfehler: Kein Befehl angegeben"},
-        {"Source.keystore.file.exists.but.is.empty.", "Quell-Keystore-Datei ist zwar vorhanden, ist aber leer: "},
-        {"Please.specify.srckeystore", "Geben Sie -srckeystore an"},
-        {"Must.not.specify.both.v.and.rfc.with.list.command",
-                "-v und -rfc d\u00FCrfen bei Befehl \"list\" nicht beide angegeben werden"},
-        {"Key.password.must.be.at.least.6.characters",
-                "Schl\u00FCsselkennwort muss mindestens sechs Zeichen lang sein"},
-        {"New.password.must.be.at.least.6.characters",
-                "Neues Kennwort muss mindestens sechs Zeichen lang sein"},
-        {"Keystore.file.exists.but.is.empty.",
-                "Keystore-Datei ist vorhanden, ist aber leer: "},
-        {"Keystore.file.does.not.exist.",
-                "Keystore-Datei ist nicht vorhanden: "},
-        {"Must.specify.destination.alias", "Sie m\u00FCssen einen Zielalias angeben"},
-        {"Must.specify.alias", "Sie m\u00FCssen einen Alias angeben"},
-        {"Keystore.password.must.be.at.least.6.characters",
-                "Keystore-Kennwort muss mindestens sechs Zeichen lang sein"},
-        {"Enter.keystore.password.", "Keystore-Kennwort eingeben:  "},
-        {"Enter.source.keystore.password.", "Quell-Keystore-Kennwort eingeben:  "},
-        {"Enter.destination.keystore.password.", "Ziel-Keystore-Kennwort eingeben:  "},
-        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
-         "Keystore-Kennwort ist zu kurz. Es muss mindestens sechs Zeichen lang sein"},
-        {"Unknown.Entry.Type", "Unbekannter Eintragstyp"},
-        {"Too.many.failures.Alias.not.changed", "Zu viele Fehler. Alias nicht ge\u00E4ndert"},
-        {"Entry.for.alias.alias.successfully.imported.",
-                 "Eintrag f\u00FCr Alias {0} erfolgreich importiert."},
-        {"Entry.for.alias.alias.not.imported.", "Eintrag f\u00FCr Alias {0} nicht importiert."},
-        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
-                 "Problem beim Importieren des Eintrags f\u00FCr Alias {0}: {1}.\nEintrag f\u00FCr Alias {0} nicht importiert."},
-        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
-                 "Importbefehl abgeschlossen: {0} Eintr\u00E4ge erfolgreich importiert, {1} Eintr\u00E4ge nicht erfolgreich oder abgebrochen"},
-        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
-                 "Warnung: Vorhandener Alias {0} in Ziel-Keystore wird \u00FCberschrieben"},
-        {"Existing.entry.alias.alias.exists.overwrite.no.",
-                 "Eintragsalias {0} ist bereits vorhanden. \u00DCberschreiben? [Nein]:  "},
-        {"Too.many.failures.try.later", "Zu viele Fehler. Versuchen Sie es sp\u00E4ter erneut"},
-        {"Certification.request.stored.in.file.filename.",
-                "Zertifizierungsanforderung in Datei <{0}> gespeichert"},
-        {"Submit.this.to.your.CA", "Leiten Sie dies an die CA weiter"},
-        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
-            "Wenn kein Alias angegeben ist, d\u00FCrfen destalias, srckeypass und destkeypass nicht angegeben werden"},
-        {"Certificate.stored.in.file.filename.",
-                "Zertifikat in Datei <{0}> gespeichert"},
-        {"Certificate.reply.was.installed.in.keystore",
-                "Zertifikatantwort wurde in Keystore installiert"},
-        {"Certificate.reply.was.not.installed.in.keystore",
-                "Zertifikatantwort wurde nicht in Keystore installiert"},
-        {"Certificate.was.added.to.keystore",
-                "Zertifikat wurde Keystore hinzugef\u00FCgt"},
-        {"Certificate.was.not.added.to.keystore",
-                "Zertifikat wurde nicht zu Keystore hinzugef\u00FCgt"},
-        {".Storing.ksfname.", "[{0} wird gesichert]"},
-        {"alias.has.no.public.key.certificate.",
-                "{0} hat keinen Public Key (Zertifikat)"},
-        {"Cannot.derive.signature.algorithm",
-                "Signaturalgorithmus kann nicht abgeleitet werden"},
-        {"Alias.alias.does.not.exist",
-                "Alias <{0}> ist nicht vorhanden"},
-        {"Alias.alias.has.no.certificate",
-                "Alias <{0}> hat kein Zertifikat"},
-        {"Key.pair.not.generated.alias.alias.already.exists",
-                "Schl\u00FCsselpaar wurde nicht generiert. Alias <{0}> ist bereits vorhanden"},
-        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
-                "Generieren von Schl\u00FCsselpaar (Typ {1}, {0} Bit) und selbst signiertem Zertifikat ({2}) mit einer G\u00FCltigkeit von {3} Tagen\n\tf\u00FCr: {4}"},
-        {"Enter.key.password.for.alias.", "Schl\u00FCsselkennwort f\u00FCr <{0}> eingeben"},
-        {".RETURN.if.same.as.keystore.password.",
-                "\t(RETURN, wenn identisch mit Keystore-Kennwort):  "},
-        {"Key.password.is.too.short.must.be.at.least.6.characters",
-                "Schl\u00FCsselkennwort ist zu kurz. Es muss mindestens sechs Zeichen lang sein"},
-        {"Too.many.failures.key.not.added.to.keystore",
-                "Zu viele Fehler. Schl\u00FCssel wurde nicht zu Keystore hinzugef\u00FCgt"},
-        {"Destination.alias.dest.already.exists",
-                "Zielalias <{0}> bereits vorhanden"},
-        {"Password.is.too.short.must.be.at.least.6.characters",
-                "Kennwort ist zu kurz. Es muss mindestens sechs Zeichen lang sein"},
-        {"Too.many.failures.Key.entry.not.cloned",
-                "Zu viele Fehler. Schl\u00FCsseleintrag wurde nicht geclont"},
-        {"key.password.for.alias.", "Schl\u00FCsselkennwort f\u00FCr <{0}>"},
-        {"Keystore.entry.for.id.getName.already.exists",
-                "Keystore-Eintrag f\u00FCr <{0}> bereits vorhanden"},
-        {"Creating.keystore.entry.for.id.getName.",
-                "Keystore-Eintrag f\u00FCr <{0}> wird erstellt..."},
-        {"No.entries.from.identity.database.added",
-                "Keine Eintr\u00E4ge aus Identity-Datenbank hinzugef\u00FCgt"},
-        {"Alias.name.alias", "Aliasname: {0}"},
-        {"Creation.date.keyStore.getCreationDate.alias.",
-                "Erstellungsdatum: {0,date}"},
-        {"alias.keyStore.getCreationDate.alias.",
-                "{0}, {1,date}, "},
-        {"alias.", "{0}, "},
-        {"Entry.type.type.", "Eintragstyp: {0}"},
-        {"Certificate.chain.length.", "Zertifikatkettenl\u00E4nge: "},
-        {"Certificate.i.1.", "Zertifikat[{0,number,integer}]:"},
-        {"Certificate.fingerprint.SHA1.", "Zertifikat-Fingerprint (SHA1): "},
-        {"Keystore.type.", "Keystore-Typ: "},
-        {"Keystore.provider.", "Keystore-Provider: "},
-        {"Your.keystore.contains.keyStore.size.entry",
-                "Keystore enth\u00E4lt {0,number,integer} Eintrag"},
-        {"Your.keystore.contains.keyStore.size.entries",
-                "Keystore enth\u00E4lt {0,number,integer} Eintr\u00E4ge"},
-        {"Failed.to.parse.input", "Eingabe konnte nicht geparst werden"},
-        {"Empty.input", "Leere Eingabe"},
-        {"Not.X.509.certificate", "Kein X.509-Zertifikat"},
-        {"alias.has.no.public.key", "{0} hat keinen Public Key"},
-        {"alias.has.no.X.509.certificate", "{0} hat kein X.509-Zertifikat"},
-        {"New.certificate.self.signed.", "Neues Zertifikat (selbst signiert):"},
-        {"Reply.has.no.certificates", "Antwort hat keine Zertifikate"},
-        {"Certificate.not.imported.alias.alias.already.exists",
-                "Zertifikat nicht importiert. Alias <{0}> ist bereits vorhanden"},
-        {"Input.not.an.X.509.certificate", "Eingabe kein X.509-Zertifikat"},
-        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
-                "Zertifikat ist bereits unter Alias <{0}> im Keystore vorhanden"},
-        {"Do.you.still.want.to.add.it.no.",
-                "M\u00F6chten Sie es trotzdem hinzuf\u00FCgen? [Nein]:  "},
-        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
-                "Zertifikat ist bereits unter Alias <{0}> im systemweiten CA-Keystore vorhanden"},
-        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
-                "M\u00F6chten Sie es trotzdem zu Ihrem eigenen Keystore hinzuf\u00FCgen? [Nein]:  "},
-        {"Trust.this.certificate.no.", "Diesem Zertifikat vertrauen? [Nein]:  "},
-        {"YES", "Ja"},
-        {"New.prompt.", "Neues {0}: "},
-        {"Passwords.must.differ", "Kennw\u00F6rter m\u00FCssen sich unterscheiden"},
-        {"Re.enter.new.prompt.", "Neues {0} erneut eingeben: "},
-        {"Re.enter.new.password.", "Neues Kennwort erneut eingeben: "},
-        {"They.don.t.match.Try.again", "Keine \u00DCbereinstimmung. Wiederholen Sie den Vorgang"},
-        {"Enter.prompt.alias.name.", "{0}-Aliasnamen eingeben:  "},
-        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
-                 "Geben Sie einen neuen Aliasnamen ein\t(RETURN, um den Import dieses Eintrags abzubrechen):  "},
-        {"Enter.alias.name.", "Aliasnamen eingeben:  "},
-        {".RETURN.if.same.as.for.otherAlias.",
-                "\t(RETURN, wenn identisch mit <{0}>)"},
-        {".PATTERN.printX509Cert",
-                "Eigent\u00FCmer: {0}\nAussteller: {1}\nSeriennummer: {2}\nG\u00FCltig von: {3} bis: {4}\nZertifikat-Fingerprints:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Signaturalgorithmusname: {8}\n\t Version: {9}"},
-        {"What.is.your.first.and.last.name.",
-                "Wie lautet Ihr Vor- und Nachname?"},
-        {"What.is.the.name.of.your.organizational.unit.",
-                "Wie lautet der Name Ihrer organisatorischen Einheit?"},
-        {"What.is.the.name.of.your.organization.",
-                "Wie lautet der Name Ihrer Organisation?"},
-        {"What.is.the.name.of.your.City.or.Locality.",
-                "Wie lautet der Name Ihrer Stadt oder Gemeinde?"},
-        {"What.is.the.name.of.your.State.or.Province.",
-                "Wie lautet der Name Ihres Bundeslands?"},
-        {"What.is.the.two.letter.country.code.for.this.unit.",
-                "Wie lautet der L\u00E4ndercode (zwei Buchstaben) f\u00FCr diese Einheit?"},
-        {"Is.name.correct.", "Ist {0} richtig?"},
-        {"no", "Nein"},
-        {"yes", "Ja"},
-        {"y", "J"},
-        {".defaultValue.", "  [{0}]:  "},
-        {"Alias.alias.has.no.key",
-                "Alias <{0}> verf\u00FCgt \u00FCber keinen Schl\u00FCssel"},
-        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
-                 "Alias <{0}> verweist auf einen Eintragstyp, der kein Private Key-Eintrag ist. Der Befehl -keyclone unterst\u00FCtzt nur das Clonen von Private Key-Eintr\u00E4gen"},
-
-        {".WARNING.WARNING.WARNING.",
-            "*****************  Warnung Warnung Warnung  *****************"},
-        {"Signer.d.", "Signaturgeber #%d:"},
-        {"Timestamp.", "Zeitstempel:"},
-        {"Signature.", "Signatur:"},
-        {"CRLs.", "CRLs:"},
-        {"Certificate.owner.", "Zertifikateigent\u00FCmer: "},
-        {"Not.a.signed.jar.file", "Keine signierte JAR-Datei"},
-        {"No.certificate.from.the.SSL.server",
-                "Kein Zertifikat vom SSL-Server"},
-
-        {".The.integrity.of.the.information.stored.in.your.keystore.",
-            "* Die Integrit\u00E4t der Informationen, die in Ihrem Keystore gespeichert sind, *\n* wurde NICHT gepr\u00FCft. Um die Integrit\u00E4t zu pr\u00FCfen, *\n* m\u00FCssen Sie Ihr Keystore-Kennwort angeben.                  *"},
-        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
-            "* Die Integrit\u00E4t der Informationen, die in Ihrem Srckeystore gespeichert sind, *\n* wurde NICHT gepr\u00FCft. Um die Integrit\u00E4t zu pr\u00FCfen, *\n* m\u00FCssen Sie Ihr Srckeystore-Kennwort angeben.                  *"},
-
-        {"Certificate.reply.does.not.contain.public.key.for.alias.",
-                "Zertifikatantwort enth\u00E4lt keinen Public Key f\u00FCr <{0}>"},
-        {"Incomplete.certificate.chain.in.reply",
-                "Unvollst\u00E4ndige Zertifikatkette in Antwort"},
-        {"Certificate.chain.in.reply.does.not.verify.",
-                "Zertifikatkette in Antwort verifiziert nicht: "},
-        {"Top.level.certificate.in.reply.",
-                "Zertifikat der obersten Ebene in Antwort:\n"},
-        {".is.not.trusted.", "... ist nicht vertrauensw\u00FCrdig. "},
-        {"Install.reply.anyway.no.", "Antwort trotzdem installieren? [Nein]:  "},
-        {"NO", "Nein"},
-        {"Public.keys.in.reply.and.keystore.don.t.match",
-                "Public Keys in Antwort und Keystore stimmen nicht \u00FCberein"},
-        {"Certificate.reply.and.certificate.in.keystore.are.identical",
-                "Zertifikatantwort und Zertifikat in Keystore sind identisch"},
-        {"Failed.to.establish.chain.from.reply",
-                "Kette konnte der Antwort nicht entnommen werden"},
-        {"n", "N"},
-        {"Wrong.answer.try.again", "Falsche Antwort. Wiederholen Sie den Vorgang"},
-        {"Secret.key.not.generated.alias.alias.already.exists",
-                "Secret Key wurde nicht generiert. Alias <{0}> ist bereits vorhanden"},
-        {"Please.provide.keysize.for.secret.key.generation",
-                "Geben Sie -keysize zum Erstellen eines Secret Keys an"},
-
-        {"Extensions.", "Erweiterungen: "},
-        {".Empty.value.", "(Leerer Wert)"},
-        {"Extension.Request.", "Erweiterungsanforderung:"},
-        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
-                "PKCS #10-Zertifikatanforderung (Version 1.0)\nSubjekt: %s\nPublic Key: %s Format %s Schl\u00FCssel\n"},
-        {"Unknown.keyUsage.type.", "Unbekannter keyUsage-Typ: "},
-        {"Unknown.extendedkeyUsage.type.", "Unbekannter extendedkeyUsage-Typ: "},
-        {"Unknown.AccessDescription.type.", "Unbekannter AccessDescription-Typ: "},
-        {"Unrecognized.GeneralName.type.", "Unbekannter GeneralName-Typ: "},
-        {"This.extension.cannot.be.marked.as.critical.",
-                 "Erweiterung kann nicht als \"Kritisch\" markiert werden. "},
-        {"Odd.number.of.hex.digits.found.", "Ungerade Anzahl hexadezimaler Ziffern gefunden: "},
-        {"Unknown.extension.type.", "Unbekannter Erweiterungstyp: "},
-        {"command.{0}.is.ambiguous.", "Befehl {0} ist mehrdeutig:"},
-
-        // policytool
-        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
-                "Warnung: Kein Public Key f\u00FCr Alias {0} vorhanden. Vergewissern Sie sich, dass der KeyStore ordnungsgem\u00E4\u00DF konfiguriert ist."},
-        {"Warning.Class.not.found.class", "Warnung: Klasse nicht gefunden: {0}"},
-        {"Warning.Invalid.argument.s.for.constructor.arg",
-                "Warnung: Ung\u00FCltige(s) Argument(e) f\u00FCr Constructor: {0}"},
-        {"Illegal.Principal.Type.type", "Ung\u00FCltiger Principal-Typ: {0}"},
-        {"Illegal.option.option", "Ung\u00FCltige Option: {0}"},
-        {"Usage.policytool.options.", "Verwendung: policytool [Optionen]"},
-        {".file.file.policy.file.location",
-                " [-file <Datei>]    Policy-Dateiverzeichnis"},
-        {"New", "Neu"},
-        {"Open", "\u00D6ffnen"},
-        {"Save", "Speichern"},
-        {"Save.As", "Speichern unter"},
-        {"View.Warning.Log", "Warnungslog anzeigen"},
-        {"Exit", "Beenden"},
-        {"Add.Policy.Entry", "Policy-Eintrag hinzuf\u00FCgen"},
-        {"Edit.Policy.Entry", "Policy-Eintrag bearbeiten"},
-        {"Remove.Policy.Entry", "Policy-Eintrag entfernen"},
-        {"Edit", "Bearbeiten"},
-        {"Retain", "Beibehalten"},
-
-        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
-            "Warnung: M\u00F6glicherweise enth\u00E4lt der Dateiname Escape-Zeichen mit Backslash. Es ist nicht notwendig, Backslash-Zeichen zu escapen (das Tool f\u00FChrt dies automatisch beim Schreiben des Policy-Contents in den persistenten Speicher aus).\n\nKlicken Sie auf \"Beibehalten\", um den eingegebenen Namen beizubehalten oder auf \"Bearbeiten\", um den Namen zu bearbeiten."},
-
-        {"Add.Public.Key.Alias", "Public Key-Alias hinzuf\u00FCgen"},
-        {"Remove.Public.Key.Alias", "Public Key-Alias entfernen"},
-        {"File", "Datei"},
-        {"KeyStore", "KeyStore"},
-        {"Policy.File.", "Policy-Datei:"},
-        {"Could.not.open.policy.file.policyFile.e.toString.",
-                "Policy-Datei konnte nicht ge\u00F6ffnet werden: {0}: {1}"},
-        {"Policy.Tool", "Policy-Tool"},
-        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
-                "Beim \u00D6ffnen der Policy-Konfiguration sind Fehler aufgetreten. Weitere Informationen finden Sie im Warnungslog."},
-        {"Error", "Fehler"},
-        {"OK", "OK"},
-        {"Status", "Status"},
-        {"Warning", "Warnung"},
-        {"Permission.",
-                "Berechtigung:                                                       "},
-        {"Principal.Type.", "Principal-Typ:"},
-        {"Principal.Name.", "Principal-Name:"},
-        {"Target.Name.",
-                "Zielname:                                                    "},
-        {"Actions.",
-                "Aktionen:                                                             "},
-        {"OK.to.overwrite.existing.file.filename.",
-                "Vorhandene Datei {0} \u00FCberschreiben?"},
-        {"Cancel", "Abbrechen"},
-        {"CodeBase.", "CodeBase:"},
-        {"SignedBy.", "SignedBy:"},
-        {"Add.Principal", "Principal hinzuf\u00FCgen"},
-        {"Edit.Principal", "Principal bearbeiten"},
-        {"Remove.Principal", "Principal entfernen"},
-        {"Principals.", "Principals:"},
-        {".Add.Permission", "  Berechtigung hinzuf\u00FCgen"},
-        {".Edit.Permission", "  Berechtigung bearbeiten"},
-        {"Remove.Permission", "Berechtigung entfernen"},
-        {"Done", "Fertig"},
-        {"KeyStore.URL.", "KeyStore-URL:"},
-        {"KeyStore.Type.", "KeyStore-Typ:"},
-        {"KeyStore.Provider.", "KeyStore-Provider:"},
-        {"KeyStore.Password.URL.", "KeyStore-Kennwort-URL:"},
-        {"Principals", "Principals"},
-        {".Edit.Principal.", "  Principal bearbeiten:"},
-        {".Add.New.Principal.", "  Neuen Principal hinzuf\u00FCgen:"},
-        {"Permissions", "Berechtigungen"},
-        {".Edit.Permission.", "  Berechtigung bearbeiten:"},
-        {".Add.New.Permission.", "  Neue Berechtigung hinzuf\u00FCgen:"},
-        {"Signed.By.", "Signiert von:"},
-        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
-            "Principal kann nicht mit einer Platzhalterklasse ohne Platzhalternamen angegeben werden"},
-        {"Cannot.Specify.Principal.without.a.Name",
-            "Principal kann nicht ohne einen Namen angegeben werden"},
-        {"Permission.and.Target.Name.must.have.a.value",
-                "Berechtigung und Zielname m\u00FCssen einen Wert haben"},
-        {"Remove.this.Policy.Entry.", "Diesen Policy-Eintrag entfernen?"},
-        {"Overwrite.File", "Datei \u00FCberschreiben"},
-        {"Policy.successfully.written.to.filename",
-                "Policy erfolgreich in {0} geschrieben"},
-        {"null.filename", "Null-Dateiname"},
-        {"Save.changes.", "\u00C4nderungen speichern?"},
-        {"Yes", "Ja"},
-        {"No", "Nein"},
-        {"Policy.Entry", "Policy-Eintrag"},
-        {"Save.Changes", "\u00C4nderungen speichern"},
-        {"No.Policy.Entry.selected", "Kein Policy-Eintrag ausgew\u00E4hlt"},
-        {"Unable.to.open.KeyStore.ex.toString.",
-                "KeyStore kann nicht ge\u00F6ffnet werden: {0}"},
-        {"No.principal.selected", "Kein Principal ausgew\u00E4hlt"},
-        {"No.permission.selected", "Keine Berechtigung ausgew\u00E4hlt"},
-        {"name", "Name"},
-        {"configuration.type", "Konfigurationstyp"},
-        {"environment.variable.name", "Umgebungsvariablenname"},
-        {"library.name", "Library-Name"},
-        {"package.name", "Packagename"},
-        {"policy.type", "Policy-Typ"},
-        {"property.name", "Eigenschaftsname"},
-        {"Principal.List", "Principal-Liste"},
-        {"Permission.List", "Berechtigungsliste"},
-        {"Code.Base", "Codebase"},
-        {"KeyStore.U.R.L.", "KeyStore-URL:"},
-        {"KeyStore.Password.U.R.L.", "KeyStore-Kennwort-URL:"},
-
-
         // javax.security.auth.PrivateCredentialPermission
         {"invalid.null.input.s.", "Ung\u00FCltige Nulleingabe(n)"},
         {"actions.can.only.be.read.", "Aktionen k\u00F6nnen nur \"lesen\" sein"},
@@ -553,6 +58,7 @@
         {"provided.null.OID.map", "Null-OID-Zuordnung angegeben"},
 
         // javax.security.auth.Subject
+        {"NEWLINE", "\n"},
         {"invalid.null.AccessControlContext.provided",
                 "Ung\u00FCltiger Nullwert f\u00FCr AccessControlContext angegeben"},
         {"invalid.null.action.provided", "Ung\u00FCltige Nullaktion angegeben"},
@@ -656,6 +162,7 @@
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }
--- a/jdk/src/share/classes/sun/security/util/Resources_es.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/util/Resources_es.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,501 +34,6 @@
 
     private static final Object[][] contents = {
 
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-        // shared (from keytool)
-        {"NEWLINE", "\n"},
-        {"STAR",
-                "*******************************************"},
-        {"STARNN",
-                "*******************************************\n\n"},
-
-        // keytool: Help part
-// "Option" should be translated.
-        {".OPTION.", " [Opci\u00F3n]..."},
-        {"Options.", "Opciones:"},
-        {"Use.keytool.help.for.all.available.commands",
-                 "Utilice\"keytool -help\" para todos los comandos disponibles"},
-        {"Key.and.Certificate.Management.Tool",
-                 "Herramienta de Gesti\u00F3n de Certificados y Claves"},
-        {"Commands.", "Comandos:"},
-        {"Use.keytool.command.name.help.for.usage.of.command.name",
-                "Utilice \"keytool -command_name -help\" para la sintaxis de nombre_comando"},
-        // keytool: help: commands
-        {"Generates.a.certificate.request",
-                "Genera una solicitud de certificado"}, //-certreq
-        {"Changes.an.entry.s.alias",
-                "Cambia un alias de entrada"}, //-changealias
-        {"Deletes.an.entry",
-                "Suprime una entrada"}, //-delete
-        {"Exports.certificate",
-                "Exporta el certificado"}, //-exportcert
-        {"Generates.a.key.pair",
-                "Genera un par de claves"}, //-genkeypair
-// translation of "secret" key should be different to "private" key.
-        {"Generates.a.secret.key",
-                "Genera un clave secreta"}, //-genseckey
-        {"Generates.certificate.from.a.certificate.request",
-                "Genera un certificado a partir de una solicitud de certificado"}, //-gencert
-        {"Generates.CRL", "Genera CRL"}, //-gencrl
-        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
-                "Importa entradas desde una base de datos de identidades JDK 1.1.x-style"}, //-identitydb
-        {"Imports.a.certificate.or.a.certificate.chain",
-                "Importa un certificado o una cadena de certificados"}, //-importcert
-        {"Imports.one.or.all.entries.from.another.keystore",
-                "Importa una o todas las entradas desde otro almac\u00E9n de claves"}, //-importkeystore
-        {"Clones.a.key.entry",
-                "Clona una entrada de clave"}, //-keyclone
-        {"Changes.the.key.password.of.an.entry",
-                "Cambia la contrase\u00F1a de clave de una entrada"}, //-keypasswd
-        {"Lists.entries.in.a.keystore",
-                "Enumera las entradas de un almac\u00E9n de claves"}, //-list
-        {"Prints.the.content.of.a.certificate",
-                "Imprime el contenido de un certificado"}, //-printcert
-        {"Prints.the.content.of.a.certificate.request",
-                "Imprime el contenido de una solicitud de certificado"}, //-printcertreq
-        {"Prints.the.content.of.a.CRL.file",
-                "Imprime el contenido de un archivo CRL"}, //-printcrl
-        {"Generates.a.self.signed.certificate",
-                "Genera un certificado autofirmado"}, //-selfcert
-        {"Changes.the.store.password.of.a.keystore",
-                "Cambia la contrase\u00F1a de almac\u00E9n de un almac\u00E9n de claves"}, //-storepasswd
-        // keytool: help: options
-        {"alias.name.of.the.entry.to.process",
-                "nombre de alias de la entrada que se va a procesar"}, //-alias
-        {"destination.alias",
-                "alias de destino"}, //-destalias
-        {"destination.key.password",
-                "contrase\u00F1a de clave de destino"}, //-destkeypass
-        {"destination.keystore.name",
-                "nombre de almac\u00E9n de claves de destino"}, //-destkeystore
-        {"destination.keystore.password.protected",
-                "almac\u00E9n de claves de destino protegido por contrase\u00F1a"}, //-destprotected
-        {"destination.keystore.provider.name",
-                "nombre de proveedor de almac\u00E9n de claves de destino"}, //-destprovidername
-        {"destination.keystore.password",
-                "contrase\u00F1a de almac\u00E9n de claves de destino"}, //-deststorepass
-        {"destination.keystore.type",
-                "tipo de almac\u00E9n de claves de destino"}, //-deststoretype
-        {"distinguished.name",
-                "nombre distintivo"}, //-dname
-        {"X.509.extension",
-                "extensi\u00F3n X.509"}, //-ext
-        {"output.file.name",
-                "nombre de archivo de salida"}, //-file and -outfile
-        {"input.file.name",
-                "nombre de archivo de entrada"}, //-file and -infile
-        {"key.algorithm.name",
-                "nombre de algoritmo de clave"}, //-keyalg
-        {"key.password",
-                "contrase\u00F1a de clave"}, //-keypass
-        {"key.bit.size",
-                "tama\u00F1o de bit de clave"}, //-keysize
-        {"keystore.name",
-                "nombre de almac\u00E9n de claves"}, //-keystore
-        {"new.password",
-                "nueva contrase\u00F1a"}, //-new
-        {"do.not.prompt",
-                "no solicitar"}, //-noprompt
-        {"password.through.protected.mechanism",
-                "contrase\u00F1a a trav\u00E9s de mecanismo protegido"}, //-protected
-        {"provider.argument",
-                "argumento del proveedor"}, //-providerarg
-        {"provider.class.name",
-                "nombre de clase del proveedor"}, //-providerclass
-        {"provider.name",
-                "nombre del proveedor"}, //-providername
-        {"provider.classpath",
-                "classpath de proveedor"}, //-providerpath
-        {"output.in.RFC.style",
-                "salida en estilo RFC"}, //-rfc
-        {"signature.algorithm.name",
-                "nombre de algoritmo de firma"}, //-sigalg
-        {"source.alias",
-                "alias de origen"}, //-srcalias
-        {"source.key.password",
-                "contrase\u00F1a de clave de origen"}, //-srckeypass
-        {"source.keystore.name",
-                "nombre de almac\u00E9n de claves de origen"}, //-srckeystore
-        {"source.keystore.password.protected",
-                "almac\u00E9n de claves de origen protegido por contrase\u00F1a"}, //-srcprotected
-        {"source.keystore.provider.name",
-                "nombre de proveedor de almac\u00E9n de claves de origen"}, //-srcprovidername
-        {"source.keystore.password",
-                "contrase\u00F1a de almac\u00E9n de claves de origen"}, //-srcstorepass
-        {"source.keystore.type",
-                "tipo de almac\u00E9n de claves de origen"}, //-srcstoretype
-        {"SSL.server.host.and.port",
-                "puerto y host del servidor SSL"}, //-sslserver
-        {"signed.jar.file",
-                "archivo jar firmado"}, //=jarfile
-        {"certificate.validity.start.date.time",
-                "fecha/hora de inicio de validez del certificado"}, //-startdate
-        {"keystore.password",
-                "contrase\u00F1a de almac\u00E9n de claves"}, //-storepass
-        {"keystore.type",
-                "tipo de almac\u00E9n de claves"}, //-storetype
-        {"trust.certificates.from.cacerts",
-                "certificados de protecci\u00F3n de cacerts"}, //-trustcacerts
-        {"verbose.output",
-                "salida detallada"}, //-v
-        {"validity.number.of.days",
-                "n\u00FAmero de validez de d\u00EDas"}, //-validity
-        {"Serial.ID.of.cert.to.revoke",
-                 "identificador de serie del certificado que se va a revocar"}, //-id
-        // keytool: Running part
-        {"keytool.error.", "error de herramienta de claves: "},
-        {"Illegal.option.", "Opci\u00F3n no permitida:  "},
-        {"Illegal.value.", "Valor no permitido: "},
-        {"Unknown.password.type.", "Tipo de contrase\u00F1a desconocido: "},
-        {"Cannot.find.environment.variable.",
-                "No se ha encontrado la variable del entorno: "},
-        {"Cannot.find.file.", "No se ha encontrado el archivo: "},
-        {"Command.option.flag.needs.an.argument.", "La opci\u00F3n de comando {0} necesita un argumento."},
-        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
-                "Advertencia: los almacenes de claves en formato PKCS12 no admiten contrase\u00F1as de clave y almacenamiento distintas. Se ignorar\u00E1 el valor especificado por el usuario, {0}."},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "-keystore debe ser NONE si -storetype es {0}"},
-        {"Too.many.retries.program.terminated",
-                 "Ha habido demasiados intentos, se ha cerrado el programa"},
-        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
-                "Los comandos -storepasswd y -keypasswd no est\u00E1n soportados si -storetype es {0}"},
-        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
-                "Los comandos -keypasswd no est\u00E1n soportados si -storetype es PKCS12"},
-        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
-                "-keypass y -new no se pueden especificar si -storetype es {0}"},
-        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
-                "si se especifica -protected, no deben especificarse -storepass, -keypass ni -new"},
-        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "Si se especifica -srcprotected, no se puede especificar -srcstorepass ni -srckeypass"},
-        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
-                "Si keystore no est\u00E1 protegido por contrase\u00F1a, no se deben especificar -storepass, -keypass ni -new"},
-        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "Si el almac\u00E9n de claves de origen no est\u00E1 protegido por contrase\u00F1a, no se deben especificar -srcstorepass ni -srckeypass"},
-        {"Illegal.startdate.value", "Valor de fecha de inicio no permitido"},
-        {"Validity.must.be.greater.than.zero",
-                "La validez debe ser mayor que cero"},
-        {"provName.not.a.provider", "{0} no es un proveedor"},
-        {"Usage.error.no.command.provided", "Error de sintaxis: no se ha proporcionado ning\u00FAn comando"},
-        {"Source.keystore.file.exists.but.is.empty.", "El archivo de almac\u00E9n de claves de origen existe, pero est\u00E1 vac\u00EDo: "},
-        {"Please.specify.srckeystore", "Especifique -srckeystore"},
-        {"Must.not.specify.both.v.and.rfc.with.list.command",
-                "No se deben especificar -v y -rfc simult\u00E1neamente con el comando 'list'"},
-        {"Key.password.must.be.at.least.6.characters",
-                "La contrase\u00F1a de clave debe tener al menos 6 caracteres"},
-        {"New.password.must.be.at.least.6.characters",
-                "La nueva contrase\u00F1a debe tener al menos 6 caracteres"},
-        {"Keystore.file.exists.but.is.empty.",
-                "El archivo de almac\u00E9n de claves existe, pero est\u00E1 vac\u00EDo: "},
-        {"Keystore.file.does.not.exist.",
-                "El archivo de almac\u00E9n de claves no existe: "},
-        {"Must.specify.destination.alias", "Se debe especificar un alias de destino"},
-        {"Must.specify.alias", "Se debe especificar un alias"},
-        {"Keystore.password.must.be.at.least.6.characters",
-                "La contrase\u00F1a del almac\u00E9n de claves debe tener al menos 6 caracteres"},
-        {"Enter.keystore.password.", "Introduzca la contrase\u00F1a del almac\u00E9n de claves:  "},
-        {"Enter.source.keystore.password.", "Introduzca la contrase\u00F1a de almac\u00E9n de claves de origen:  "},
-        {"Enter.destination.keystore.password.", "Introduzca la contrase\u00F1a de almac\u00E9n de claves de destino:  "},
-        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
-         "La contrase\u00F1a del almac\u00E9n de claves es demasiado corta, debe tener al menos 6 caracteres"},
-        {"Unknown.Entry.Type", "Tipo de Entrada Desconocido"},
-        {"Too.many.failures.Alias.not.changed", "Demasiados fallos. No se ha cambiado el alias"},
-        {"Entry.for.alias.alias.successfully.imported.",
-                 "La entrada del alias {0} se ha importado correctamente."},
-        {"Entry.for.alias.alias.not.imported.", "La entrada del alias {0} no se ha importado."},
-        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
-                 "Problema al importar la entrada del alias {0}: {1}.\nNo se ha importado la entrada del alias {0}."},
-        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
-                 "Comando de importaci\u00F3n completado: {0} entradas importadas correctamente, {1} entradas incorrectas o canceladas"},
-        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
-                 "Advertencia: se sobrescribir\u00E1 el alias {0} en el almac\u00E9n de claves de destino"},
-        {"Existing.entry.alias.alias.exists.overwrite.no.",
-                 "El alias de entrada existente {0} ya existe, \u00BFdesea sobrescribirlo? [no]:  "},
-        {"Too.many.failures.try.later", "Demasiados fallos; int\u00E9ntelo m\u00E1s adelante"},
-        {"Certification.request.stored.in.file.filename.",
-                "Solicitud de certificaci\u00F3n almacenada en el archivo <{0}>"},
-        {"Submit.this.to.your.CA", "Enviar a la CA"},
-        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
-            "si no se especifica el alias, no se puede especificar destalias, srckeypass ni destkeypass"},
-        {"Certificate.stored.in.file.filename.",
-                "Certificado almacenado en el archivo <{0}>"},
-        {"Certificate.reply.was.installed.in.keystore",
-                "Se ha instalado la respuesta del certificado en el almac\u00E9n de claves"},
-        {"Certificate.reply.was.not.installed.in.keystore",
-                "No se ha instalado la respuesta del certificado en el almac\u00E9n de claves"},
-        {"Certificate.was.added.to.keystore",
-                "Se ha agregado el certificado al almac\u00E9n de claves"},
-        {"Certificate.was.not.added.to.keystore",
-                "No se ha agregado el certificado al almac\u00E9n de claves"},
-        {".Storing.ksfname.", "[Almacenando {0}]"},
-        {"alias.has.no.public.key.certificate.",
-                "{0} no tiene clave p\u00FAblica (certificado)"},
-        {"Cannot.derive.signature.algorithm",
-                "No se puede derivar el algoritmo de firma"},
-        {"Alias.alias.does.not.exist",
-                "El alias <{0}> no existe"},
-        {"Alias.alias.has.no.certificate",
-                "El alias <{0}> no tiene certificado"},
-        {"Key.pair.not.generated.alias.alias.already.exists",
-                "No se ha generado el par de claves, el alias <{0}> ya existe"},
-        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
-                "Generando par de claves {1} de {0} bits para certificado autofirmado ({2}) con una validez de {3} d\u00EDas\n\tpara: {4}"},
-        {"Enter.key.password.for.alias.", "Introduzca la contrase\u00F1a de clave para <{0}>"},
-        {".RETURN.if.same.as.keystore.password.",
-                "\t(INTRO si es la misma contrase\u00F1a que la del almac\u00E9n de claves):  "},
-        {"Key.password.is.too.short.must.be.at.least.6.characters",
-                "La contrase\u00F1a de clave es demasiado corta; debe tener al menos 6 caracteres"},
-        {"Too.many.failures.key.not.added.to.keystore",
-                "Demasiados fallos; no se ha agregado la clave al almac\u00E9n de claves"},
-        {"Destination.alias.dest.already.exists",
-                "El alias de destino <{0}> ya existe"},
-        {"Password.is.too.short.must.be.at.least.6.characters",
-                "La contrase\u00F1a es demasiado corta; debe tener al menos 6 caracteres"},
-        {"Too.many.failures.Key.entry.not.cloned",
-                "Demasiados fallos. No se ha clonado la entrada de clave"},
-        {"key.password.for.alias.", "contrase\u00F1a de clave para <{0}>"},
-        {"Keystore.entry.for.id.getName.already.exists",
-                "La entrada de almac\u00E9n de claves para <{0}> ya existe"},
-        {"Creating.keystore.entry.for.id.getName.",
-                "Creando entrada de almac\u00E9n de claves para <{0}> ..."},
-        {"No.entries.from.identity.database.added",
-                "No se han agregado entradas de la base de datos de identidades"},
-        {"Alias.name.alias", "Nombre de Alias: {0}"},
-        {"Creation.date.keyStore.getCreationDate.alias.",
-                "Fecha de Creaci\u00F3n: {0,date}"},
-        {"alias.keyStore.getCreationDate.alias.",
-                "{0}, {1,date}, "},
-        {"alias.", "{0}, "},
-        {"Entry.type.type.", "Tipo de Entrada: {0}"},
-        {"Certificate.chain.length.", "Longitud de la Cadena de Certificado: "},
-        {"Certificate.i.1.", "Certificado[{0,number,integer}]:"},
-        {"Certificate.fingerprint.SHA1.", "Huella Digital de Certificado (SHA1): "},
-        {"Keystore.type.", "Tipo de Almac\u00E9n de Claves: "},
-        {"Keystore.provider.", "Proveedor de Almac\u00E9n de Claves: "},
-        {"Your.keystore.contains.keyStore.size.entry",
-                "Su almac\u00E9n de claves contiene {0,number,integer} entrada"},
-        {"Your.keystore.contains.keyStore.size.entries",
-                "Su almac\u00E9n de claves contiene {0,number,integer} entradas"},
-        {"Failed.to.parse.input", "Fallo al analizar la entrada"},
-        {"Empty.input", "Entrada vac\u00EDa"},
-        {"Not.X.509.certificate", "No es un certificado X.509"},
-        {"alias.has.no.public.key", "{0} no tiene clave p\u00FAblica"},
-        {"alias.has.no.X.509.certificate", "{0} no tiene certificado X.509"},
-        {"New.certificate.self.signed.", "Nuevo Certificado (Autofirmado):"},
-        {"Reply.has.no.certificates", "La respuesta no tiene certificados"},
-        {"Certificate.not.imported.alias.alias.already.exists",
-                "Certificado no importado, el alias <{0}> ya existe"},
-        {"Input.not.an.X.509.certificate", "La entrada no es un certificado X.509"},
-        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
-                "El certificado ya existe en el almac\u00E9n de claves con el alias <{0}>"},
-        {"Do.you.still.want.to.add.it.no.",
-                "\u00BFA\u00FAn desea agregarlo? [no]:  "},
-        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
-                "El certificado ya existe en el almac\u00E9n de claves de la CA del sistema, con el alias <{0}>"},
-        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
-                "\u00BFA\u00FAn desea agregarlo a su propio almac\u00E9n de claves? [no]:  "},
-        {"Trust.this.certificate.no.", "\u00BFConfiar en este certificado? [no]:  "},
-        {"YES", "S\u00ED"},
-        {"New.prompt.", "Nuevo {0}: "},
-        {"Passwords.must.differ", "Las contrase\u00F1as deben ser distintas"},
-        {"Re.enter.new.prompt.", "Vuelva a escribir el nuevo {0}: "},
-        {"Re.enter.new.password.", "Volver a escribir la contrase\u00F1a nueva: "},
-        {"They.don.t.match.Try.again", "No coinciden. Int\u00E9ntelo de nuevo"},
-        {"Enter.prompt.alias.name.", "Escriba el nombre de alias de {0}:  "},
-        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
-                 "Indique el nuevo nombre de alias\t(INTRO para cancelar la importaci\u00F3n de esta entrada):  "},
-        {"Enter.alias.name.", "Introduzca el nombre de alias:  "},
-        {".RETURN.if.same.as.for.otherAlias.",
-                "\t(INTRO si es el mismo que para <{0}>)"},
-        {".PATTERN.printX509Cert",
-                "Propietario: {0}\nEmisor: {1}\nN\u00FAmero de serie: {2}\nV\u00E1lido desde: {3} hasta: {4}\nHuellas digitales del Certificado:\n\t MD5: {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Nombre del Algoritmo de Firma: {8}\n\t Versi\u00F3n: {9}"},
-        {"What.is.your.first.and.last.name.",
-                "\u00BFCu\u00E1les son su nombre y su apellido?"},
-        {"What.is.the.name.of.your.organizational.unit.",
-                "\u00BFCu\u00E1l es el nombre de su unidad de organizaci\u00F3n?"},
-        {"What.is.the.name.of.your.organization.",
-                "\u00BFCu\u00E1l es el nombre de su organizaci\u00F3n?"},
-        {"What.is.the.name.of.your.City.or.Locality.",
-                "\u00BFCu\u00E1l es el nombre de su ciudad o localidad?"},
-        {"What.is.the.name.of.your.State.or.Province.",
-                "\u00BFCu\u00E1l es el nombre de su estado o provincia?"},
-        {"What.is.the.two.letter.country.code.for.this.unit.",
-                "\u00BFCu\u00E1l es el c\u00F3digo de pa\u00EDs de dos letras de la unidad?"},
-        {"Is.name.correct.", "\u00BFEs correcto {0}?"},
-        {"no", "no"},
-        {"yes", "s\u00ED"},
-        {"y", "s"},
-        {".defaultValue.", "  [{0}]:  "},
-        {"Alias.alias.has.no.key",
-                "El alias <{0}> no tiene clave"},
-        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
-                 "El alias <{0}> hace referencia a un tipo de entrada que no es una clave privada. El comando -keyclone s\u00F3lo permite la clonaci\u00F3n de entradas de claves privadas"},
-
-        {".WARNING.WARNING.WARNING.",
-            "*****************  Advertencia Advertencia Advertencia  *****************"},
-        {"Signer.d.", "#%d de Firmante:"},
-        {"Timestamp.", "Registro de Hora:"},
-        {"Signature.", "Firma:"},
-        {"CRLs.", "CRL:"},
-        {"Certificate.owner.", "Propietario del Certificado: "},
-        {"Not.a.signed.jar.file", "No es un archivo jar firmado"},
-        {"No.certificate.from.the.SSL.server",
-                "Ning\u00FAn certificado del servidor SSL"},
-
-        {".The.integrity.of.the.information.stored.in.your.keystore.",
-            "* La integridad de la informaci\u00F3n almacenada en el almac\u00E9n de claves  *\n* NO se ha comprobado.  Para comprobar dicha integridad, *\n* debe proporcionar la contrase\u00F1a del almac\u00E9n de claves.                  *"},
-        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
-            "* La integridad de la informaci\u00F3n almacenada en srckeystore*\n* NO se ha comprobado.  Para comprobar dicha integridad, *\n* debe proporcionar la contrase\u00F1a de srckeystore.                *"},
-
-        {"Certificate.reply.does.not.contain.public.key.for.alias.",
-                "La respuesta de certificado no contiene una clave p\u00FAblica para <{0}>"},
-        {"Incomplete.certificate.chain.in.reply",
-                "Cadena de certificado incompleta en la respuesta"},
-        {"Certificate.chain.in.reply.does.not.verify.",
-                "La cadena de certificado de la respuesta no verifica: "},
-        {"Top.level.certificate.in.reply.",
-                "Certificado de nivel superior en la respuesta:\n"},
-        {".is.not.trusted.", "... no es de confianza. "},
-        {"Install.reply.anyway.no.", "\u00BFInstalar respuesta de todos modos? [no]:  "},
-        {"NO", "No"},
-        {"Public.keys.in.reply.and.keystore.don.t.match",
-                "Las claves p\u00FAblicas en la respuesta y en el almac\u00E9n de claves no coinciden"},
-        {"Certificate.reply.and.certificate.in.keystore.are.identical",
-                "La respuesta del certificado y el certificado en el almac\u00E9n de claves son id\u00E9nticos"},
-        {"Failed.to.establish.chain.from.reply",
-                "No se ha podido definir una cadena a partir de la respuesta"},
-        {"n", "n"},
-        {"Wrong.answer.try.again", "Respuesta incorrecta, vuelva a intentarlo"},
-        {"Secret.key.not.generated.alias.alias.already.exists",
-                "No se ha generado la clave secreta, el alias <{0}> ya existe"},
-        {"Please.provide.keysize.for.secret.key.generation",
-                "Proporcione el valor de -keysize para la generaci\u00F3n de claves secretas"},
-
-        {"Extensions.", "Extensiones: "},
-        {".Empty.value.", "(Valor vac\u00EDo)"},
-        {"Extension.Request.", "Solicitud de Extensi\u00F3n:"},
-        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
-                "Solicitud de Certificado PKCS #10 (Versi\u00F3n 1.0)\nAsunto: %s\nClave P\u00FAblica: %s formato %s clave\n"},
-        {"Unknown.keyUsage.type.", "Tipo de uso de clave desconocido: "},
-        {"Unknown.extendedkeyUsage.type.", "Tipo de uso de clave extendida desconocido: "},
-        {"Unknown.AccessDescription.type.", "Tipo de descripci\u00F3n de acceso desconocido: "},
-        {"Unrecognized.GeneralName.type.", "Tipo de nombre general no reconocido: "},
-        {"This.extension.cannot.be.marked.as.critical.",
-                 "Esta extensi\u00F3n no se puede marcar como cr\u00EDtica. "},
-        {"Odd.number.of.hex.digits.found.", "Se ha encontrado un n\u00FAmero impar de d\u00EDgitos hexadecimales: "},
-        {"Unknown.extension.type.", "Tipo de extensi\u00F3n desconocida: "},
-        {"command.{0}.is.ambiguous.", "El comando {0} es ambiguo:"},
-
-        // policytool
-        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
-                "Advertencia: no hay clave p\u00FAblica para el alias {0}. Aseg\u00FArese de que se ha configurado correctamente un almac\u00E9n de claves."},
-        {"Warning.Class.not.found.class", "Advertencia: no se ha encontrado la clase: {0}"},
-        {"Warning.Invalid.argument.s.for.constructor.arg",
-                "Advertencia: argumento(s) no v\u00E1lido(s) para el constructor: {0}"},
-        {"Illegal.Principal.Type.type", "Tipo de principal no permitido: {0}"},
-        {"Illegal.option.option", "Opci\u00F3n no permitida: {0}"},
-        {"Usage.policytool.options.", "Sintaxis: policytool [opciones]"},
-        {".file.file.policy.file.location",
-                "  [-file <archivo>]    ubicaci\u00F3n del archivo de normas"},
-        {"New", "Nuevo"},
-        {"Open", "Abrir"},
-        {"Save", "Guardar"},
-        {"Save.As", "Guardar como"},
-        {"View.Warning.Log", "Ver Log de Advertencias"},
-        {"Exit", "Salir"},
-        {"Add.Policy.Entry", "Agregar Entrada de Pol\u00EDtica"},
-        {"Edit.Policy.Entry", "Editar Entrada de Pol\u00EDtica"},
-        {"Remove.Policy.Entry", "Eliminar Entrada de Pol\u00EDtica"},
-        {"Edit", "Editar"},
-        {"Retain", "Mantener"},
-
-        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
-            "Advertencia: el nombre del archivo puede contener caracteres de barra invertida de escape. No es necesario utilizar barras invertidas de escape (la herramienta aplica caracteres de escape seg\u00FAn sea necesario al escribir el contenido de las pol\u00EDticas en el almac\u00E9n persistente).\n\nHaga clic en Mantener para conservar el nombre introducido o en Editar para modificarlo."},
-
-        {"Add.Public.Key.Alias", "Agregar Alias de Clave P\u00FAblico"},
-        {"Remove.Public.Key.Alias", "Eliminar Alias de Clave P\u00FAblico"},
-        {"File", "Archivo"},
-        {"KeyStore", "Almac\u00E9n de Claves"},
-        {"Policy.File.", "Archivo de Pol\u00EDtica:"},
-        {"Could.not.open.policy.file.policyFile.e.toString.",
-                "No se ha podido abrir el archivo de pol\u00EDtica: {0}: {1}"},
-        {"Policy.Tool", "Herramienta de Pol\u00EDticas"},
-        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
-                "Ha habido errores al abrir la configuraci\u00F3n de pol\u00EDticas. V\u00E9ase el log de advertencias para obtener m\u00E1s informaci\u00F3n."},
-        {"Error", "Error"},
-        {"OK", "Aceptar"},
-        {"Status", "Estado"},
-        {"Warning", "Advertencia"},
-        {"Permission.",
-                "Permiso:                                                       "},
-        {"Principal.Type.", "Tipo de Principal:"},
-        {"Principal.Name.", "Nombre de Principal:"},
-        {"Target.Name.",
-                "Nombre de Destino:                                                    "},
-        {"Actions.",
-                "Acciones:                                                             "},
-        {"OK.to.overwrite.existing.file.filename.",
-                "\u00BFSobrescribir el archivo existente {0}?"},
-        {"Cancel", "Cancelar"},
-        {"CodeBase.", "CodeBase:"},
-        {"SignedBy.", "SignedBy:"},
-        {"Add.Principal", "Agregar Principal"},
-        {"Edit.Principal", "Editar Principal"},
-        {"Remove.Principal", "Eliminar Principal"},
-        {"Principals.", "Principales:"},
-        {".Add.Permission", "  Agregar Permiso"},
-        {".Edit.Permission", "  Editar Permiso"},
-        {"Remove.Permission", "Eliminar Permiso"},
-        {"Done", "Listo"},
-        {"KeyStore.URL.", "URL de Almac\u00E9n de Claves:"},
-        {"KeyStore.Type.", "Tipo de Almac\u00E9n de Claves:"},
-        {"KeyStore.Provider.", "Proveedor de Almac\u00E9n de Claves:"},
-        {"KeyStore.Password.URL.", "URL de Contrase\u00F1a de Almac\u00E9n de Claves:"},
-        {"Principals", "Principales"},
-        {".Edit.Principal.", "  Editar Principal:"},
-        {".Add.New.Principal.", "  Agregar Nuevo Principal:"},
-        {"Permissions", "Permisos"},
-        {".Edit.Permission.", "  Editar Permiso:"},
-        {".Add.New.Permission.", "  Agregar Permiso Nuevo:"},
-        {"Signed.By.", "Firmado Por:"},
-        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
-            "No se puede especificar un principal con una clase de comod\u00EDn sin un nombre de comod\u00EDn"},
-        {"Cannot.Specify.Principal.without.a.Name",
-            "No se puede especificar el principal sin un nombre"},
-        {"Permission.and.Target.Name.must.have.a.value",
-                "Permiso y Nombre de Destino deben tener un valor"},
-        {"Remove.this.Policy.Entry.", "\u00BFEliminar esta entrada de pol\u00EDtica?"},
-        {"Overwrite.File", "Sobrescribir Archivo"},
-        {"Policy.successfully.written.to.filename",
-                "Pol\u00EDtica escrita correctamente en {0}"},
-        {"null.filename", "nombre de archivo nulo"},
-        {"Save.changes.", "\u00BFGuardar los cambios?"},
-        {"Yes", "S\u00ED"},
-        {"No", "No"},
-        {"Policy.Entry", "Entrada de Pol\u00EDtica"},
-        {"Save.Changes", "Guardar Cambios"},
-        {"No.Policy.Entry.selected", "No se ha seleccionado la entrada de pol\u00EDtica"},
-        {"Unable.to.open.KeyStore.ex.toString.",
-                "No se ha podido abrir el almac\u00E9n de claves: {0}"},
-        {"No.principal.selected", "No se ha seleccionado un principal"},
-        {"No.permission.selected", "No se ha seleccionado un permiso"},
-        {"name", "nombre"},
-        {"configuration.type", "tipo de configuraci\u00F3n"},
-        {"environment.variable.name", "nombre de variable de entorno"},
-        {"library.name", "nombre de la biblioteca"},
-        {"package.name", "nombre del paquete"},
-        {"policy.type", "tipo de pol\u00EDtica"},
-        {"property.name", "nombre de la propiedad"},
-        {"Principal.List", "Lista de Principales"},
-        {"Permission.List", "Lista de Permisos"},
-        {"Code.Base", "Base de C\u00F3digo"},
-        {"KeyStore.U.R.L.", "URL de Almac\u00E9n de Claves:"},
-        {"KeyStore.Password.U.R.L.", "URL de Contrase\u00F1a de Almac\u00E9n de Claves:"},
-
-
         // javax.security.auth.PrivateCredentialPermission
         {"invalid.null.input.s.", "entradas nulas no v\u00E1lidas"},
         {"actions.can.only.be.read.", "las acciones s\u00F3lo pueden 'leerse'"},
@@ -553,6 +58,7 @@
         {"provided.null.OID.map", "mapa de OID proporcionado nulo"},
 
         // javax.security.auth.Subject
+        {"NEWLINE", "\n"},
         {"invalid.null.AccessControlContext.provided",
                 "se ha proporcionado un AccessControlContext nulo no v\u00E1lido"},
         {"invalid.null.action.provided", "se ha proporcionado una acci\u00F3n nula no v\u00E1lida"},
@@ -656,6 +162,7 @@
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }
--- a/jdk/src/share/classes/sun/security/util/Resources_fr.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/util/Resources_fr.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,501 +34,6 @@
 
     private static final Object[][] contents = {
 
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-        // shared (from keytool)
-        {"NEWLINE", "\n"},
-        {"STAR",
-                "*******************************************"},
-        {"STARNN",
-                "*******************************************\n\n"},
-
-        // keytool: Help part
-// "Option" should be translated.
-        {".OPTION.", " [Option]..."},
-        {"Options.", "Options :"},
-        {"Use.keytool.help.for.all.available.commands",
-                 "Utiliser \"keytool -help\" pour toutes les commandes disponibles"},
-        {"Key.and.Certificate.Management.Tool",
-                 "Outil de gestion de certificats et de cl\u00E9s"},
-        {"Commands.", "Commandes :"},
-        {"Use.keytool.command.name.help.for.usage.of.command.name",
-                "Utiliser \"keytool -command_name -help\" pour la syntaxe de command_name"},
-        // keytool: help: commands
-        {"Generates.a.certificate.request",
-                "G\u00E9n\u00E8re une demande de certificat"}, //-certreq
-        {"Changes.an.entry.s.alias",
-                "Modifie l'alias d'une entr\u00E9e"}, //-changealias
-        {"Deletes.an.entry",
-                "Supprime une entr\u00E9e"}, //-delete
-        {"Exports.certificate",
-                "Exporte le certificat"}, //-exportcert
-        {"Generates.a.key.pair",
-                "G\u00E9n\u00E8re une paire de cl\u00E9s"}, //-genkeypair
-// translation of "secret" key should be different to "private" key.
-        {"Generates.a.secret.key",
-                "G\u00E9n\u00E8re une cl\u00E9 secr\u00E8te"}, //-genseckey
-        {"Generates.certificate.from.a.certificate.request",
-                "G\u00E9n\u00E8re le certificat \u00E0 partir d'une demande de certificat"}, //-gencert
-        {"Generates.CRL", "G\u00E9n\u00E8re la liste des certificats r\u00E9voqu\u00E9s (CRL)"}, //-gencrl
-        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
-                "Importe les entr\u00E9es \u00E0 partir d'une base de donn\u00E9es d'identit\u00E9s de type JDK 1.1.x"}, //-identitydb
-        {"Imports.a.certificate.or.a.certificate.chain",
-                "Importe un certificat ou une cha\u00EEne de certificat"}, //-importcert
-        {"Imports.one.or.all.entries.from.another.keystore",
-                "Importe une entr\u00E9e ou la totalit\u00E9 des entr\u00E9es depuis un autre fichier de cl\u00E9s"}, //-importkeystore
-        {"Clones.a.key.entry",
-                "Clone une entr\u00E9e de cl\u00E9"}, //-keyclone
-        {"Changes.the.key.password.of.an.entry",
-                "Modifie le mot de passe de cl\u00E9 d'une entr\u00E9e"}, //-keypasswd
-        {"Lists.entries.in.a.keystore",
-                "R\u00E9pertorie les entr\u00E9es d'un fichier de cl\u00E9s"}, //-list
-        {"Prints.the.content.of.a.certificate",
-                "Imprime le contenu d'un certificat"}, //-printcert
-        {"Prints.the.content.of.a.certificate.request",
-                "Imprime le contenu d'une demande de certificat"}, //-printcertreq
-        {"Prints.the.content.of.a.CRL.file",
-                "Imprime le contenu d'un fichier de liste des certificats r\u00E9voqu\u00E9s (CRL)"}, //-printcrl
-        {"Generates.a.self.signed.certificate",
-                "G\u00E9n\u00E8re un certificat auto-sign\u00E9"}, //-selfcert
-        {"Changes.the.store.password.of.a.keystore",
-                "Modifie le mot de passe de banque d'un fichier de cl\u00E9s"}, //-storepasswd
-        // keytool: help: options
-        {"alias.name.of.the.entry.to.process",
-                "nom d'alias de l'entr\u00E9e \u00E0 traiter"}, //-alias
-        {"destination.alias",
-                "alias de destination"}, //-destalias
-        {"destination.key.password",
-                "mot de passe de la cl\u00E9 de destination"}, //-destkeypass
-        {"destination.keystore.name",
-                "nom du fichier de cl\u00E9s de destination"}, //-destkeystore
-        {"destination.keystore.password.protected",
-                "mot de passe du fichier de cl\u00E9s de destination prot\u00E9g\u00E9"}, //-destprotected
-        {"destination.keystore.provider.name",
-                "nom du fournisseur du fichier de cl\u00E9s de destination"}, //-destprovidername
-        {"destination.keystore.password",
-                "mot de passe du fichier de cl\u00E9s de destination"}, //-deststorepass
-        {"destination.keystore.type",
-                "type du fichier de cl\u00E9s de destination"}, //-deststoretype
-        {"distinguished.name",
-                "nom distinctif"}, //-dname
-        {"X.509.extension",
-                "extension X.509"}, //-ext
-        {"output.file.name",
-                "nom du fichier de sortie"}, //-file and -outfile
-        {"input.file.name",
-                "nom du fichier d'entr\u00E9e"}, //-file and -infile
-        {"key.algorithm.name",
-                "nom de l'algorithme de cl\u00E9"}, //-keyalg
-        {"key.password",
-                "mot de passe de la cl\u00E9"}, //-keypass
-        {"key.bit.size",
-                "taille en bits de la cl\u00E9"}, //-keysize
-        {"keystore.name",
-                "nom du fichier de cl\u00E9s"}, //-keystore
-        {"new.password",
-                "nouveau mot de passe"}, //-new
-        {"do.not.prompt",
-                "ne pas inviter"}, //-noprompt
-        {"password.through.protected.mechanism",
-                "mot de passe via m\u00E9canisme prot\u00E9g\u00E9"}, //-protected
-        {"provider.argument",
-                "argument du fournisseur"}, //-providerarg
-        {"provider.class.name",
-                "nom de la classe de fournisseur"}, //-providerclass
-        {"provider.name",
-                "nom du fournisseur"}, //-providername
-        {"provider.classpath",
-                "variable d'environnement CLASSPATH du fournisseur"}, //-providerpath
-        {"output.in.RFC.style",
-                "sortie au style RFC"}, //-rfc
-        {"signature.algorithm.name",
-                "nom de l'algorithme de signature"}, //-sigalg
-        {"source.alias",
-                "alias source"}, //-srcalias
-        {"source.key.password",
-                "mot de passe de la cl\u00E9 source"}, //-srckeypass
-        {"source.keystore.name",
-                "nom du fichier de cl\u00E9s source"}, //-srckeystore
-        {"source.keystore.password.protected",
-                "mot de passe du fichier de cl\u00E9s source prot\u00E9g\u00E9"}, //-srcprotected
-        {"source.keystore.provider.name",
-                "nom du fournisseur du fichier de cl\u00E9s source"}, //-srcprovidername
-        {"source.keystore.password",
-                "mot de passe du fichier de cl\u00E9s source"}, //-srcstorepass
-        {"source.keystore.type",
-                "type du fichier de cl\u00E9s source"}, //-srcstoretype
-        {"SSL.server.host.and.port",
-                "Port et h\u00F4te du serveur SSL"}, //-sslserver
-        {"signed.jar.file",
-                "fichier JAR sign\u00E9"}, //=jarfile
-        {"certificate.validity.start.date.time",
-                "date/heure de d\u00E9but de validit\u00E9 du certificat"}, //-startdate
-        {"keystore.password",
-                "mot de passe du fichier de cl\u00E9s"}, //-storepass
-        {"keystore.type",
-                "type du fichier de cl\u00E9s"}, //-storetype
-        {"trust.certificates.from.cacerts",
-                "certificats s\u00E9curis\u00E9s issus de certificats CA"}, //-trustcacerts
-        {"verbose.output",
-                "sortie en mode verbose"}, //-v
-        {"validity.number.of.days",
-                "nombre de jours de validit\u00E9"}, //-validity
-        {"Serial.ID.of.cert.to.revoke",
-                 "ID de s\u00E9rie du certificat \u00E0 r\u00E9voquer"}, //-id
-        // keytool: Running part
-        {"keytool.error.", "erreur keytool : "},
-        {"Illegal.option.", "Option non admise :  "},
-        {"Illegal.value.", "Valeur non admise : "},
-        {"Unknown.password.type.", "Type de mot de passe inconnu : "},
-        {"Cannot.find.environment.variable.",
-                "Variable d'environnement introuvable : "},
-        {"Cannot.find.file.", "Fichier introuvable : "},
-        {"Command.option.flag.needs.an.argument.", "L''option de commande {0} requiert un argument."},
-        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
-                "Avertissement\u00A0: les mots de passe de cl\u00E9 et de banque distincts ne sont pas pris en charge pour les fichiers de cl\u00E9s d''acc\u00E8s PKCS12. La valeur {0} sp\u00E9cifi\u00E9e par l''utilisateur est ignor\u00E9e."},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "-keystore doit \u00EAtre d\u00E9fini sur NONE si -storetype est {0}"},
-        {"Too.many.retries.program.terminated",
-                 "Trop de tentatives, fin du programme"},
-        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
-                "Les commandes -storepasswd et -keypasswd ne sont pas prises en charge si -storetype est d\u00E9fini sur {0}"},
-        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
-                "Les commandes -keypasswd ne sont pas prises en charge si -storetype est d\u00E9fini sur PKCS12"},
-        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
-                "Les commandes -keypass et -new ne peuvent pas \u00EAtre sp\u00E9cifi\u00E9es si -storetype est d\u00E9fini sur {0}"},
-        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
-                "si -protected est sp\u00E9cifi\u00E9, -storepass, -keypass et -new ne doivent pas \u00EAtre indiqu\u00E9s"},
-        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "Si -srcprotected est indiqu\u00E9, les commandes -srcstorepass et -srckeypass ne doivent pas \u00EAtre sp\u00E9cifi\u00E9es"},
-        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
-                "Si le fichier de cl\u00E9s n'est pas prot\u00E9g\u00E9 par un mot de passe, les commandes -storepass, -keypass et -new ne doivent pas \u00EAtre sp\u00E9cifi\u00E9es"},
-        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "Si le fichier de cl\u00E9s source n'est pas prot\u00E9g\u00E9 par un mot de passe, les commandes -srcstorepass et -srckeypass ne doivent pas \u00EAtre sp\u00E9cifi\u00E9es"},
-        {"Illegal.startdate.value", "Valeur de date de d\u00E9but non admise"},
-        {"Validity.must.be.greater.than.zero",
-                "La validit\u00E9 doit \u00EAtre sup\u00E9rieure \u00E0 z\u00E9ro"},
-        {"provName.not.a.provider", "{0} n''est pas un fournisseur"},
-        {"Usage.error.no.command.provided", "Erreur de syntaxe\u00A0: aucune commande fournie"},
-        {"Source.keystore.file.exists.but.is.empty.", "Le fichier de cl\u00E9s source existe mais il est vide : "},
-        {"Please.specify.srckeystore", "Indiquez -srckeystore"},
-        {"Must.not.specify.both.v.and.rfc.with.list.command",
-                "-v et -rfc ne doivent pas \u00EAtre sp\u00E9cifi\u00E9s avec la commande 'list'"},
-        {"Key.password.must.be.at.least.6.characters",
-                "Un mot de passe de cl\u00E9 doit comporter au moins 6 caract\u00E8res"},
-        {"New.password.must.be.at.least.6.characters",
-                "Le nouveau mot de passe doit comporter au moins 6 caract\u00E8res"},
-        {"Keystore.file.exists.but.is.empty.",
-                "Fichier de cl\u00E9s existant mais vide : "},
-        {"Keystore.file.does.not.exist.",
-                "Le fichier de cl\u00E9s n'existe pas : "},
-        {"Must.specify.destination.alias", "L'alias de destination doit \u00EAtre sp\u00E9cifi\u00E9"},
-        {"Must.specify.alias", "L'alias doit \u00EAtre sp\u00E9cifi\u00E9"},
-        {"Keystore.password.must.be.at.least.6.characters",
-                "Un mot de passe de fichier de cl\u00E9s doit comporter au moins 6 caract\u00E8res"},
-        {"Enter.keystore.password.", "Entrez le mot de passe du fichier de cl\u00E9s :  "},
-        {"Enter.source.keystore.password.", "Entrez le mot de passe du fichier de cl\u00E9s source\u00A0:  "},
-        {"Enter.destination.keystore.password.", "Entrez le mot de passe du fichier de cl\u00E9s de destination\u00A0:  "},
-        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
-         "Le mot de passe du fichier de cl\u00E9s est trop court : il doit comporter au moins 6 caract\u00E8res"},
-        {"Unknown.Entry.Type", "Type d'entr\u00E9e inconnu"},
-        {"Too.many.failures.Alias.not.changed", "Trop d'erreurs. Alias non modifi\u00E9"},
-        {"Entry.for.alias.alias.successfully.imported.",
-                 "L''entr\u00E9e de l''alias {0} a \u00E9t\u00E9 import\u00E9e."},
-        {"Entry.for.alias.alias.not.imported.", "L''entr\u00E9e de l''alias {0} n''a pas \u00E9t\u00E9 import\u00E9e."},
-        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
-                 "Probl\u00E8me lors de l''import de l''entr\u00E9e de l''alias {0}\u00A0: {1}.\nL''entr\u00E9e de l''alias {0} n''a pas \u00E9t\u00E9 import\u00E9e."},
-        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
-                 "Commande d''import ex\u00E9cut\u00E9e\u00A0: {0} entr\u00E9es import\u00E9es, \u00E9chec ou annulation de {1} entr\u00E9es"},
-        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
-                 "Avertissement\u00A0: l''alias {0} existant sera remplac\u00E9 dans le fichier de cl\u00E9s d''acc\u00E8s de destination"},
-        {"Existing.entry.alias.alias.exists.overwrite.no.",
-                 "L''alias d''entr\u00E9e {0} existe d\u00E9j\u00E0. Voulez-vous le remplacer ? [non]\u00A0:  "},
-        {"Too.many.failures.try.later", "Trop d'erreurs. R\u00E9essayez plus tard"},
-        {"Certification.request.stored.in.file.filename.",
-                "Demande de certification stock\u00E9e dans le fichier <{0}>"},
-        {"Submit.this.to.your.CA", "Soumettre \u00E0 votre CA"},
-        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
-            "si l'alias n'est pas sp\u00E9cifi\u00E9, destalias, srckeypass et destkeypass ne doivent pas \u00EAtre sp\u00E9cifi\u00E9s"},
-        {"Certificate.stored.in.file.filename.",
-                "Certificat stock\u00E9 dans le fichier <{0}>"},
-        {"Certificate.reply.was.installed.in.keystore",
-                "R\u00E9ponse de certificat install\u00E9e dans le fichier de cl\u00E9s"},
-        {"Certificate.reply.was.not.installed.in.keystore",
-                "R\u00E9ponse de certificat non install\u00E9e dans le fichier de cl\u00E9s"},
-        {"Certificate.was.added.to.keystore",
-                "Certificat ajout\u00E9 au fichier de cl\u00E9s"},
-        {"Certificate.was.not.added.to.keystore",
-                "Certificat non ajout\u00E9 au fichier de cl\u00E9s"},
-        {".Storing.ksfname.", "[Stockage de {0}]"},
-        {"alias.has.no.public.key.certificate.",
-                "{0} ne poss\u00E8de pas de cl\u00E9 publique (certificat)"},
-        {"Cannot.derive.signature.algorithm",
-                "Impossible de d\u00E9duire l'algorithme de signature"},
-        {"Alias.alias.does.not.exist",
-                "L''alias <{0}> n''existe pas"},
-        {"Alias.alias.has.no.certificate",
-                "L''alias <{0}> ne poss\u00E8de pas de certificat"},
-        {"Key.pair.not.generated.alias.alias.already.exists",
-                "Paire de cl\u00E9s non g\u00E9n\u00E9r\u00E9e, l''alias <{0}> existe d\u00E9j\u00E0"},
-        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
-                "G\u00E9n\u00E9ration d''une paire de cl\u00E9s {1} de {0} bits et d''un certificat auto-sign\u00E9 ({2}) d''une validit\u00E9 de {3} jours\n\tpour : {4}"},
-        {"Enter.key.password.for.alias.", "Entrez le mot de passe de la cl\u00E9 pour <{0}>"},
-        {".RETURN.if.same.as.keystore.password.",
-                "\t(appuyez sur Entr\u00E9e s'il s'agit du mot de passe du fichier de cl\u00E9s) :  "},
-        {"Key.password.is.too.short.must.be.at.least.6.characters",
-                "Le mot de passe de la cl\u00E9 est trop court : il doit comporter au moins 6 caract\u00E8res"},
-        {"Too.many.failures.key.not.added.to.keystore",
-                "Trop d'erreurs. Cl\u00E9 non ajout\u00E9e au fichier de cl\u00E9s"},
-        {"Destination.alias.dest.already.exists",
-                "L''alias de la destination <{0}> existe d\u00E9j\u00E0"},
-        {"Password.is.too.short.must.be.at.least.6.characters",
-                "Le mot de passe est trop court : il doit comporter au moins 6 caract\u00E8res"},
-        {"Too.many.failures.Key.entry.not.cloned",
-                "Trop d'erreurs. Entr\u00E9e de cl\u00E9 non clon\u00E9e"},
-        {"key.password.for.alias.", "mot de passe de cl\u00E9 pour <{0}>"},
-        {"Keystore.entry.for.id.getName.already.exists",
-                "L''entr\u00E9e de fichier de cl\u00E9s d''acc\u00E8s pour <{0}> existe d\u00E9j\u00E0"},
-        {"Creating.keystore.entry.for.id.getName.",
-                "Cr\u00E9ation d''une entr\u00E9e de fichier de cl\u00E9s d''acc\u00E8s pour <{0}>..."},
-        {"No.entries.from.identity.database.added",
-                "Aucune entr\u00E9e ajout\u00E9e \u00E0 partir de la base de donn\u00E9es d'identit\u00E9s"},
-        {"Alias.name.alias", "Nom d''alias : {0}"},
-        {"Creation.date.keyStore.getCreationDate.alias.",
-                "Date de cr\u00E9ation : {0,date}"},
-        {"alias.keyStore.getCreationDate.alias.",
-                "{0}, {1,date}, "},
-        {"alias.", "{0}, "},
-        {"Entry.type.type.", "Type d''entr\u00E9e\u00A0: {0}"},
-        {"Certificate.chain.length.", "Longueur de cha\u00EEne du certificat : "},
-        {"Certificate.i.1.", "Certificat[{0,number,integer}]:"},
-        {"Certificate.fingerprint.SHA1.", "Empreinte du certificat (SHA1) : "},
-        {"Keystore.type.", "Type de fichier de cl\u00E9s : "},
-        {"Keystore.provider.", "Fournisseur de fichier de cl\u00E9s : "},
-        {"Your.keystore.contains.keyStore.size.entry",
-                "Votre fichier de cl\u00E9s d''acc\u00E8s contient {0,number,integer} entr\u00E9e"},
-        {"Your.keystore.contains.keyStore.size.entries",
-                "Votre fichier de cl\u00E9s d''acc\u00E8s contient {0,number,integer} entr\u00E9es"},
-        {"Failed.to.parse.input", "L'analyse de l'entr\u00E9e a \u00E9chou\u00E9"},
-        {"Empty.input", "Entr\u00E9e vide"},
-        {"Not.X.509.certificate", "Pas un certificat X.509"},
-        {"alias.has.no.public.key", "{0} ne poss\u00E8de pas de cl\u00E9 publique"},
-        {"alias.has.no.X.509.certificate", "{0} ne poss\u00E8de pas de certificat X.509"},
-        {"New.certificate.self.signed.", "Nouveau certificat (auto-sign\u00E9) :"},
-        {"Reply.has.no.certificates", "La r\u00E9ponse n'a pas de certificat"},
-        {"Certificate.not.imported.alias.alias.already.exists",
-                "Certificat non import\u00E9, l''alias <{0}> existe d\u00E9j\u00E0"},
-        {"Input.not.an.X.509.certificate", "L'entr\u00E9e n'est pas un certificat X.509"},
-        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
-                "Le certificat existe d\u00E9j\u00E0 dans le fichier de cl\u00E9s d''acc\u00E8s sous l''alias <{0}>"},
-        {"Do.you.still.want.to.add.it.no.",
-                "Voulez-vous toujours l'ajouter ? [non] :  "},
-        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
-                "Le certificat existe d\u00E9j\u00E0 dans le fichier de cl\u00E9s d''acc\u00E8s CA syst\u00E8me sous l''alias <{0}>"},
-        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
-                "Voulez-vous toujours l'ajouter \u00E0 votre fichier de cl\u00E9s ? [non] :  "},
-        {"Trust.this.certificate.no.", "Faire confiance \u00E0 ce certificat ? [non] :  "},
-        {"YES", "Oui"},
-        {"New.prompt.", "Nouveau {0} : "},
-        {"Passwords.must.differ", "Les mots de passe doivent diff\u00E9rer"},
-        {"Re.enter.new.prompt.", "Indiquez encore le nouveau {0} : "},
-        {"Re.enter.new.password.", "Ressaisissez le nouveau mot de passe : "},
-        {"They.don.t.match.Try.again", "Ils sont diff\u00E9rents. R\u00E9essayez."},
-        {"Enter.prompt.alias.name.", "Indiquez le nom d''alias {0} :  "},
-        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
-                 "Saisissez le nom du nouvel alias\t(ou appuyez sur Entr\u00E9e pour annuler l'import de cette entr\u00E9e)\u00A0:  "},
-        {"Enter.alias.name.", "Indiquez le nom d'alias :  "},
-        {".RETURN.if.same.as.for.otherAlias.",
-                "\t(appuyez sur Entr\u00E9e si le r\u00E9sultat est identique \u00E0 <{0}>)"},
-        {".PATTERN.printX509Cert",
-                "Propri\u00E9taire : {0}\nEmetteur : {1}\nNum\u00E9ro de s\u00E9rie : {2}\nValide du : {3} au : {4}\nEmpreintes du certificat :\n\t MD5:  {5}\n\t SHA1 : {6}\n\t SHA256 : {7}\n\t Nom de l''algorithme de signature : {8}\n\t Version : {9}"},
-        {"What.is.your.first.and.last.name.",
-                "Quels sont vos nom et pr\u00E9nom ?"},
-        {"What.is.the.name.of.your.organizational.unit.",
-                "Quel est le nom de votre unit\u00E9 organisationnelle ?"},
-        {"What.is.the.name.of.your.organization.",
-                "Quel est le nom de votre entreprise ?"},
-        {"What.is.the.name.of.your.City.or.Locality.",
-                "Quel est le nom de votre ville de r\u00E9sidence ?"},
-        {"What.is.the.name.of.your.State.or.Province.",
-                "Quel est le nom de votre \u00E9tat ou province ?"},
-        {"What.is.the.two.letter.country.code.for.this.unit.",
-                "Quel est le code pays \u00E0 deux lettres pour cette unit\u00E9 ?"},
-        {"Is.name.correct.", "Est-ce {0} ?"},
-        {"no", "non"},
-        {"yes", "oui"},
-        {"y", "o"},
-        {".defaultValue.", "  [{0}]:  "},
-        {"Alias.alias.has.no.key",
-                "L''alias <{0}> n''est associ\u00E9 \u00E0 aucune cl\u00E9"},
-        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
-                 "L''entr\u00E9e \u00E0 laquelle l''alias <{0}> fait r\u00E9f\u00E9rence n''est pas une entr\u00E9e de type cl\u00E9 priv\u00E9e. La commande -keyclone prend uniquement en charge le clonage des cl\u00E9s priv\u00E9es"},
-
-        {".WARNING.WARNING.WARNING.",
-            "*****************  Avertissement Avertissement Avertissement  *****************"},
-        {"Signer.d.", "Signataire n\u00B0%d :"},
-        {"Timestamp.", "Horodatage :"},
-        {"Signature.", "Signature :"},
-        {"CRLs.", "Listes des certificats r\u00E9voqu\u00E9s (CRL) :"},
-        {"Certificate.owner.", "Propri\u00E9taire du certificat : "},
-        {"Not.a.signed.jar.file", "Fichier JAR non sign\u00E9"},
-        {"No.certificate.from.the.SSL.server",
-                "Aucun certificat du serveur SSL"},
-
-        {".The.integrity.of.the.information.stored.in.your.keystore.",
-            "* L'int\u00E9grit\u00E9 des informations stock\u00E9es dans votre fichier de cl\u00E9s  *\n* n'a PAS \u00E9t\u00E9 v\u00E9rifi\u00E9e. Pour cela, *\n* vous devez fournir le mot de passe de votre fichier de cl\u00E9s.                  *"},
-        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
-            "* L'int\u00E9grit\u00E9 des informations stock\u00E9es dans le fichier de cl\u00E9s source  *\n* n'a PAS \u00E9t\u00E9 v\u00E9rifi\u00E9e. Pour cela, *\n* vous devez fournir le mot de passe de votre fichier de cl\u00E9s source.                  *"},
-
-        {"Certificate.reply.does.not.contain.public.key.for.alias.",
-                "La r\u00E9ponse au certificat ne contient pas de cl\u00E9 publique pour <{0}>"},
-        {"Incomplete.certificate.chain.in.reply",
-                "Cha\u00EEne de certificat incompl\u00E8te dans la r\u00E9ponse"},
-        {"Certificate.chain.in.reply.does.not.verify.",
-                "La cha\u00EEne de certificat de la r\u00E9ponse ne concorde pas : "},
-        {"Top.level.certificate.in.reply.",
-                "Certificat de niveau sup\u00E9rieur dans la r\u00E9ponse :\n"},
-        {".is.not.trusted.", "... non s\u00E9curis\u00E9. "},
-        {"Install.reply.anyway.no.", "Installer la r\u00E9ponse quand m\u00EAme ? [non] :  "},
-        {"NO", "Non"},
-        {"Public.keys.in.reply.and.keystore.don.t.match",
-                "Les cl\u00E9s publiques de la r\u00E9ponse et du fichier de cl\u00E9s ne concordent pas"},
-        {"Certificate.reply.and.certificate.in.keystore.are.identical",
-                "La r\u00E9ponse au certificat et le certificat du fichier de cl\u00E9s sont identiques"},
-        {"Failed.to.establish.chain.from.reply",
-                "Impossible de cr\u00E9er une cha\u00EEne \u00E0 partir de la r\u00E9ponse"},
-        {"n", "n"},
-        {"Wrong.answer.try.again", "R\u00E9ponse incorrecte, recommencez"},
-        {"Secret.key.not.generated.alias.alias.already.exists",
-                "Cl\u00E9 secr\u00E8te non g\u00E9n\u00E9r\u00E9e, l''alias <{0}> existe d\u00E9j\u00E0"},
-        {"Please.provide.keysize.for.secret.key.generation",
-                "Indiquez -keysize pour la g\u00E9n\u00E9ration de la cl\u00E9 secr\u00E8te"},
-
-        {"Extensions.", "Extensions\u00A0: "},
-        {".Empty.value.", "(Valeur vide)"},
-        {"Extension.Request.", "Demande d'extension :"},
-        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
-                "Demande de certificat PKCS #10 (version 1.0)\nSujet : %s\nCl\u00E9 publique : format %s pour la cl\u00E9 %s\n"},
-        {"Unknown.keyUsage.type.", "Type keyUsage inconnu : "},
-        {"Unknown.extendedkeyUsage.type.", "Type extendedkeyUsage inconnu : "},
-        {"Unknown.AccessDescription.type.", "Type AccessDescription inconnu : "},
-        {"Unrecognized.GeneralName.type.", "Type GeneralName non reconnu : "},
-        {"This.extension.cannot.be.marked.as.critical.",
-                 "Cette extension ne peut pas \u00EAtre marqu\u00E9e comme critique. "},
-        {"Odd.number.of.hex.digits.found.", "Nombre impair de chiffres hexad\u00E9cimaux trouv\u00E9 : "},
-        {"Unknown.extension.type.", "Type d'extension inconnu : "},
-        {"command.{0}.is.ambiguous.", "commande {0} ambigu\u00EB :"},
-
-        // policytool
-        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
-                "Avertissement\u00A0: il n''existe pas de cl\u00E9 publique pour l''alias {0}. V\u00E9rifiez que le fichier de cl\u00E9s d''acc\u00E8s est correctement configur\u00E9."},
-        {"Warning.Class.not.found.class", "Avertissement : classe introuvable - {0}"},
-        {"Warning.Invalid.argument.s.for.constructor.arg",
-                "Avertissement\u00A0: arguments non valides pour le constructeur\u00A0- {0}"},
-        {"Illegal.Principal.Type.type", "Type de principal non admis : {0}"},
-        {"Illegal.option.option", "Option non admise : {0}"},
-        {"Usage.policytool.options.", "Syntaxe : policytool [options]"},
-        {".file.file.policy.file.location",
-                "  [-file <file>]    emplacement du fichier de r\u00E8gles"},
-        {"New", "Nouveau"},
-        {"Open", "Ouvrir"},
-        {"Save", "Enregistrer"},
-        {"Save.As", "Enregistrer sous"},
-        {"View.Warning.Log", "Afficher le journal des avertissements"},
-        {"Exit", "Quitter"},
-        {"Add.Policy.Entry", "Ajouter une r\u00E8gle"},
-        {"Edit.Policy.Entry", "Modifier une r\u00E8gle"},
-        {"Remove.Policy.Entry", "Enlever une r\u00E8gle"},
-        {"Edit", "Modifier"},
-        {"Retain", "Conserver"},
-
-        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
-            "Avertissement : il se peut que le nom de fichier contienne des barres obliques inverses avec caract\u00E8re d'\u00E9chappement. Il n'est pas n\u00E9cessaire d'ajouter un caract\u00E8re d'\u00E9chappement aux barres obliques inverses. L'outil proc\u00E8de \u00E0 l'\u00E9chappement si n\u00E9cessaire lorsqu'il \u00E9crit le contenu des r\u00E8gles dans la zone de stockage persistant).\n\nCliquez sur Conserver pour garder le nom saisi ou sur Modifier pour le remplacer."},
-
-        {"Add.Public.Key.Alias", "Ajouter un alias de cl\u00E9 publique"},
-        {"Remove.Public.Key.Alias", "Enlever un alias de cl\u00E9 publique"},
-        {"File", "Fichier"},
-        {"KeyStore", "Fichier de cl\u00E9s"},
-        {"Policy.File.", "Fichier de r\u00E8gles :"},
-        {"Could.not.open.policy.file.policyFile.e.toString.",
-                "Impossible d''ouvrir le fichier de r\u00E8gles\u00A0: {0}: {1}"},
-        {"Policy.Tool", "Policy Tool"},
-        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
-                "Des erreurs se sont produites \u00E0 l'ouverture de la configuration de r\u00E8gles. Pour plus d'informations, consultez le journal des avertissements."},
-        {"Error", "Erreur"},
-        {"OK", "OK"},
-        {"Status", "Statut"},
-        {"Warning", "Avertissement"},
-        {"Permission.",
-                "Droit :                                                       "},
-        {"Principal.Type.", "Type de principal :"},
-        {"Principal.Name.", "Nom de principal :"},
-        {"Target.Name.",
-                "Nom de cible :                                                    "},
-        {"Actions.",
-                "Actions :                                                             "},
-        {"OK.to.overwrite.existing.file.filename.",
-                "Remplacer le fichier existant {0} ?"},
-        {"Cancel", "Annuler"},
-        {"CodeBase.", "Base de code :"},
-        {"SignedBy.", "Sign\u00E9 par :"},
-        {"Add.Principal", "Ajouter un principal"},
-        {"Edit.Principal", "Modifier un principal"},
-        {"Remove.Principal", "Enlever un principal"},
-        {"Principals.", "Principaux :"},
-        {".Add.Permission", "  Ajouter un droit"},
-        {".Edit.Permission", "  Modifier un droit"},
-        {"Remove.Permission", "Enlever un droit"},
-        {"Done", "Termin\u00E9"},
-        {"KeyStore.URL.", "URL du fichier de cl\u00E9s :"},
-        {"KeyStore.Type.", "Type du fichier de cl\u00E9s :"},
-        {"KeyStore.Provider.", "Fournisseur du fichier de cl\u00E9s :"},
-        {"KeyStore.Password.URL.", "URL du mot de passe du fichier de cl\u00E9s :"},
-        {"Principals", "Principaux"},
-        {".Edit.Principal.", "  Modifier un principal :"},
-        {".Add.New.Principal.", "  Ajouter un principal :"},
-        {"Permissions", "Droits"},
-        {".Edit.Permission.", "  Modifier un droit :"},
-        {".Add.New.Permission.", "  Ajouter un droit :"},
-        {"Signed.By.", "Sign\u00E9 par :"},
-        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
-            "Impossible de sp\u00E9cifier un principal avec une classe g\u00E9n\u00E9rique sans nom g\u00E9n\u00E9rique"},
-        {"Cannot.Specify.Principal.without.a.Name",
-            "Impossible de sp\u00E9cifier un principal sans nom"},
-        {"Permission.and.Target.Name.must.have.a.value",
-                "Le droit et le nom de cible doivent avoir une valeur"},
-        {"Remove.this.Policy.Entry.", "Enlever cette r\u00E8gle ?"},
-        {"Overwrite.File", "Remplacer le fichier"},
-        {"Policy.successfully.written.to.filename",
-                "R\u00E8gle \u00E9crite dans {0}"},
-        {"null.filename", "nom de fichier NULL"},
-        {"Save.changes.", "Enregistrer les modifications ?"},
-        {"Yes", "Oui"},
-        {"No", "Non"},
-        {"Policy.Entry", "R\u00E8gle"},
-        {"Save.Changes", "Enregistrer les modifications"},
-        {"No.Policy.Entry.selected", "Aucune r\u00E8gle s\u00E9lectionn\u00E9e"},
-        {"Unable.to.open.KeyStore.ex.toString.",
-                "Impossible d''ouvrir le fichier de cl\u00E9s d''acc\u00E8s : {0}"},
-        {"No.principal.selected", "Aucun principal s\u00E9lectionn\u00E9"},
-        {"No.permission.selected", "Aucun droit s\u00E9lectionn\u00E9"},
-        {"name", "nom"},
-        {"configuration.type", "type de configuration"},
-        {"environment.variable.name", "Nom de variable d'environnement"},
-        {"library.name", "nom de biblioth\u00E8que"},
-        {"package.name", "nom de package"},
-        {"policy.type", "type de r\u00E8gle"},
-        {"property.name", "nom de propri\u00E9t\u00E9"},
-        {"Principal.List", "Liste de principaux"},
-        {"Permission.List", "Liste de droits"},
-        {"Code.Base", "Base de code"},
-        {"KeyStore.U.R.L.", "URL du fichier de cl\u00E9s :"},
-        {"KeyStore.Password.U.R.L.", "URL du mot de passe du fichier de cl\u00E9s :"},
-
-
         // javax.security.auth.PrivateCredentialPermission
         {"invalid.null.input.s.", "entr\u00E9es NULL non valides"},
         {"actions.can.only.be.read.", "les actions sont accessibles en lecture uniquement"},
@@ -553,6 +58,7 @@
         {"provided.null.OID.map", "mappage OID NULL fourni"},
 
         // javax.security.auth.Subject
+        {"NEWLINE", "\n"},
         {"invalid.null.AccessControlContext.provided",
                 "AccessControlContext NULL fourni non valide"},
         {"invalid.null.action.provided", "action NULL fournie non valide"},
@@ -656,6 +162,7 @@
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }
--- a/jdk/src/share/classes/sun/security/util/Resources_it.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/util/Resources_it.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,501 +34,6 @@
 
     private static final Object[][] contents = {
 
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-        // shared (from keytool)
-        {"NEWLINE", "\n"},
-        {"STAR",
-                "*******************************************"},
-        {"STARNN",
-                "*******************************************\n\n"},
-
-        // keytool: Help part
-// "Option" should be translated.
-        {".OPTION.", " [Opzione]..."},
-        {"Options.", "Opzioni:"},
-        {"Use.keytool.help.for.all.available.commands",
-                 "Utilizzare \"keytool -help\" per visualizzare tutti i comandi disponibili"},
-        {"Key.and.Certificate.Management.Tool",
-                 "Strumento di gestione di chiavi e certificati"},
-        {"Commands.", "Comandi:"},
-        {"Use.keytool.command.name.help.for.usage.of.command.name",
-                "Utilizzare \"keytool -command_name -help\" per informazioni sull'uso di command_name"},
-        // keytool: help: commands
-        {"Generates.a.certificate.request",
-                "Genera una richiesta di certificato"}, //-certreq
-        {"Changes.an.entry.s.alias",
-                "Modifica l'alias di una voce"}, //-changealias
-        {"Deletes.an.entry",
-                "Elimina una voce"}, //-delete
-        {"Exports.certificate",
-                "Esporta il certificato"}, //-exportcert
-        {"Generates.a.key.pair",
-                "Genera una coppia di chiavi"}, //-genkeypair
-// translation of "secret" key should be different to "private" key.
-        {"Generates.a.secret.key",
-                "Genera una chiave segreta"}, //-genseckey
-        {"Generates.certificate.from.a.certificate.request",
-                "Genera un certificato da una richiesta di certificato"}, //-gencert
-        {"Generates.CRL", "Genera CRL"}, //-gencrl
-        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
-                "Importa le voci da un database delle identit\u00E0 di tipo JDK 1.1.x"}, //-identitydb
-        {"Imports.a.certificate.or.a.certificate.chain",
-                "Importa un certificato o una catena di certificati"}, //-importcert
-        {"Imports.one.or.all.entries.from.another.keystore",
-                "Importa una o tutte le voci da un altro keystore"}, //-importkeystore
-        {"Clones.a.key.entry",
-                "Duplica una voce di chiave"}, //-keyclone
-        {"Changes.the.key.password.of.an.entry",
-                "Modifica la password della chiave per una voce"}, //-keypasswd
-        {"Lists.entries.in.a.keystore",
-                "Elenca le voci in un keystore"}, //-list
-        {"Prints.the.content.of.a.certificate",
-                "Visualizza i contenuti di un certificato"}, //-printcert
-        {"Prints.the.content.of.a.certificate.request",
-                "Visualizza i contenuti di una richiesta di certificato"}, //-printcertreq
-        {"Prints.the.content.of.a.CRL.file",
-                "Visualizza i contenuti di un file CRL"}, //-printcrl
-        {"Generates.a.self.signed.certificate",
-                "Genera certificato con firma automatica"}, //-selfcert
-        {"Changes.the.store.password.of.a.keystore",
-                "Modifica la password di area di memorizzazione di un keystore"}, //-storepasswd
-        // keytool: help: options
-        {"alias.name.of.the.entry.to.process",
-                "nome alias della voce da elaborare"}, //-alias
-        {"destination.alias",
-                "alias di destinazione"}, //-destalias
-        {"destination.key.password",
-                "password chiave di destinazione"}, //-destkeypass
-        {"destination.keystore.name",
-                "nome keystore di destinazione"}, //-destkeystore
-        {"destination.keystore.password.protected",
-                "password keystore di destinazione protetta"}, //-destprotected
-        {"destination.keystore.provider.name",
-                "nome provider keystore di destinazione"}, //-destprovidername
-        {"destination.keystore.password",
-                "password keystore di destinazione"}, //-deststorepass
-        {"destination.keystore.type",
-                "tipo keystore di destinazione"}, //-deststoretype
-        {"distinguished.name",
-                "nome distinto"}, //-dname
-        {"X.509.extension",
-                "estensione X.509"}, //-ext
-        {"output.file.name",
-                "nome file di output"}, //-file and -outfile
-        {"input.file.name",
-                "nome file di input"}, //-file and -infile
-        {"key.algorithm.name",
-                "nome algoritmo chiave"}, //-keyalg
-        {"key.password",
-                "password chiave"}, //-keypass
-        {"key.bit.size",
-                "dimensione bit chiave"}, //-keysize
-        {"keystore.name",
-                "nome keystore"}, //-keystore
-        {"new.password",
-                "nuova password"}, //-new
-        {"do.not.prompt",
-                "non richiedere"}, //-noprompt
-        {"password.through.protected.mechanism",
-                "password mediante meccanismo protetto"}, //-protected
-        {"provider.argument",
-                "argomento provider"}, //-providerarg
-        {"provider.class.name",
-                "nome classe provider"}, //-providerclass
-        {"provider.name",
-                "nome provider"}, //-providername
-        {"provider.classpath",
-                "classpath provider"}, //-providerpath
-        {"output.in.RFC.style",
-                "output in stile RFC"}, //-rfc
-        {"signature.algorithm.name",
-                "nome algoritmo firma"}, //-sigalg
-        {"source.alias",
-                "alias origine"}, //-srcalias
-        {"source.key.password",
-                "password chiave di origine"}, //-srckeypass
-        {"source.keystore.name",
-                "nome keystore di origine"}, //-srckeystore
-        {"source.keystore.password.protected",
-                "password keystore di origine protetta"}, //-srcprotected
-        {"source.keystore.provider.name",
-                "nome provider keystore di origine"}, //-srcprovidername
-        {"source.keystore.password",
-                "password keystore di origine"}, //-srcstorepass
-        {"source.keystore.type",
-                "tipo keystore di origine"}, //-srcstoretype
-        {"SSL.server.host.and.port",
-                "host e porta server SSL"}, //-sslserver
-        {"signed.jar.file",
-                "file jar firmato"}, //=jarfile
-        {"certificate.validity.start.date.time",
-                "data/ora di inizio validit\u00E0 certificato"}, //-startdate
-        {"keystore.password",
-                "password keystore"}, //-storepass
-        {"keystore.type",
-                "tipo keystore"}, //-storetype
-        {"trust.certificates.from.cacerts",
-                "considera sicuri i certificati da cacerts"}, //-trustcacerts
-        {"verbose.output",
-                "output descrittivo"}, //-v
-        {"validity.number.of.days",
-                "numero di giorni di validit\u00E0"}, //-validity
-        {"Serial.ID.of.cert.to.revoke",
-                 "ID seriale del certificato da revocare"}, //-id
-        // keytool: Running part
-        {"keytool.error.", "Errore keytool: "},
-        {"Illegal.option.", "Opzione non valida:  "},
-        {"Illegal.value.", "Valore non valido: "},
-        {"Unknown.password.type.", "Tipo di password sconosciuto: "},
-        {"Cannot.find.environment.variable.",
-                "Impossibile trovare la variabile di ambiente: "},
-        {"Cannot.find.file.", "Impossibile trovare il file: "},
-        {"Command.option.flag.needs.an.argument.", "\u00C8 necessario specificare un argomento per l''opzione di comando {0}."},
-        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
-                "Avvertenza: non sono supportate password diverse di chiave e di archivio per i keystore PKCS12. Il valore {0} specificato dall''utente verr\u00E0 ignorato."},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "Se -storetype \u00E8 impostato su {0}, -keystore deve essere impostato su NONE"},
-        {"Too.many.retries.program.terminated",
-                 "Il numero dei tentativi consentiti \u00E8 stato superato. Il programma verr\u00E0 terminato."},
-        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
-                "Se -storetype \u00E8 impostato su {0}, i comandi -storepasswd e -keypasswd non sono supportati"},
-        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
-                "Se -storetype \u00E8 impostato su PKCS12 i comandi -keypasswd non vengono supportati"},
-        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
-                "Se -storetype \u00E8 impostato su {0}, non \u00E8 possibile specificare un valore per -keypass e -new"},
-        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
-                "Se \u00E8 specificata l'opzione -protected, le opzioni -storepass, -keypass e -new non possono essere specificate"},
-        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "Se viene specificato -srcprotected, -srcstorepass e -srckeypass non dovranno essere specificati"},
-        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
-                "Se il file keystore non \u00E8 protetto da password, non deve essere specificato alcun valore per -storepass, -keypass e -new"},
-        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "Se il file keystore non \u00E8 protetto da password, non deve essere specificato alcun valore per -srcstorepass e -srckeypass"},
-        {"Illegal.startdate.value", "Valore di data di inizio non valido"},
-        {"Validity.must.be.greater.than.zero",
-                "La validit\u00E0 deve essere maggiore di zero"},
-        {"provName.not.a.provider", "{0} non \u00E8 un provider"},
-        {"Usage.error.no.command.provided", "Errore di utilizzo: nessun comando specificato"},
-        {"Source.keystore.file.exists.but.is.empty.", "Il file keystore di origine esiste, ma \u00E8 vuoto: "},
-        {"Please.specify.srckeystore", "Specificare -srckeystore"},
-        {"Must.not.specify.both.v.and.rfc.with.list.command",
-                "Impossibile specificare sia -v sia -rfc con il comando 'list'"},
-        {"Key.password.must.be.at.least.6.characters",
-                "La password della chiave deve contenere almeno 6 caratteri"},
-        {"New.password.must.be.at.least.6.characters",
-                "La nuova password deve contenere almeno 6 caratteri"},
-        {"Keystore.file.exists.but.is.empty.",
-                "Il file keystore esiste ma \u00E8 vuoto: "},
-        {"Keystore.file.does.not.exist.",
-                "Il file keystore non esiste: "},
-        {"Must.specify.destination.alias", "\u00C8 necessario specificare l'alias di destinazione"},
-        {"Must.specify.alias", "\u00C8 necessario specificare l'alias"},
-        {"Keystore.password.must.be.at.least.6.characters",
-                "La password del keystore deve contenere almeno 6 caratteri"},
-        {"Enter.keystore.password.", "Immettere la password del keystore:  "},
-        {"Enter.source.keystore.password.", "Immettere la password del keystore di origine:  "},
-        {"Enter.destination.keystore.password.", "Immettere la password del keystore di destinazione:  "},
-        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
-         "La password del keystore \u00E8 troppo corta - deve contenere almeno 6 caratteri"},
-        {"Unknown.Entry.Type", "Tipo di voce sconosciuto"},
-        {"Too.many.failures.Alias.not.changed", "Numero eccessivo di errori. L'alias non \u00E8 stato modificato."},
-        {"Entry.for.alias.alias.successfully.imported.",
-                 "La voce dell''alias {0} \u00E8 stata importata."},
-        {"Entry.for.alias.alias.not.imported.", "La voce dell''alias {0} non \u00E8 stata importata."},
-        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
-                 "Si \u00E8 verificato un problema durante l''importazione della voce dell''alias {0}: {1}.\nLa voce dell''alias {0} non \u00E8 stata importata."},
-        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
-                 "Comando di importazione completato: {0} voce/i importata/e, {1} voce/i non importata/e o annullata/e"},
-        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
-                 "Avvertenza: sovrascrittura in corso dell''alias {0} nel file keystore di destinazione"},
-        {"Existing.entry.alias.alias.exists.overwrite.no.",
-                 "La voce dell''alias {0} esiste gi\u00E0. Sovrascrivere? [no]:  "},
-        {"Too.many.failures.try.later", "Troppi errori - riprovare"},
-        {"Certification.request.stored.in.file.filename.",
-                "La richiesta di certificazione \u00E8 memorizzata nel file <{0}>"},
-        {"Submit.this.to.your.CA", "Sottomettere alla propria CA"},
-        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
-            "Se l'alias non \u00E8 specificato, destalias, srckeypass e destkeypass non dovranno essere specificati"},
-        {"Certificate.stored.in.file.filename.",
-                "Il certificato \u00E8 memorizzato nel file <{0}>"},
-        {"Certificate.reply.was.installed.in.keystore",
-                "La risposta del certificato \u00E8 stata installata nel keystore"},
-        {"Certificate.reply.was.not.installed.in.keystore",
-                "La risposta del certificato non \u00E8 stata installata nel keystore"},
-        {"Certificate.was.added.to.keystore",
-                "Il certificato \u00E8 stato aggiunto al keystore"},
-        {"Certificate.was.not.added.to.keystore",
-                "Il certificato non \u00E8 stato aggiunto al keystore"},
-        {".Storing.ksfname.", "[Memorizzazione di {0}] in corso"},
-        {"alias.has.no.public.key.certificate.",
-                "{0} non dispone di chiave pubblica (certificato)"},
-        {"Cannot.derive.signature.algorithm",
-                "Impossibile derivare l'algoritmo di firma"},
-        {"Alias.alias.does.not.exist",
-                "L''alias <{0}> non esiste"},
-        {"Alias.alias.has.no.certificate",
-                "L''alias <{0}> non dispone di certificato"},
-        {"Key.pair.not.generated.alias.alias.already.exists",
-                "Non \u00E8 stata generata la coppia di chiavi, l''alias <{0}> \u00E8 gi\u00E0 esistente"},
-        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
-                "Generazione in corso di una coppia di chiavi {1} da {0} bit e di un certificato autofirmato ({2}) con una validit\u00E0 di {3} giorni\n\tper: {4}"},
-        {"Enter.key.password.for.alias.", "Immettere la password della chiave per <{0}>"},
-        {".RETURN.if.same.as.keystore.password.",
-                "\t(INVIO se corrisponde alla password del keystore):  "},
-        {"Key.password.is.too.short.must.be.at.least.6.characters",
-                "La password della chiave \u00E8 troppo corta - deve contenere almeno 6 caratteri"},
-        {"Too.many.failures.key.not.added.to.keystore",
-                "Troppi errori - la chiave non \u00E8 stata aggiunta al keystore"},
-        {"Destination.alias.dest.already.exists",
-                "L''alias di destinazione <{0}> \u00E8 gi\u00E0 esistente"},
-        {"Password.is.too.short.must.be.at.least.6.characters",
-                "La password \u00E8 troppo corta - deve contenere almeno 6 caratteri"},
-        {"Too.many.failures.Key.entry.not.cloned",
-                "Numero eccessivo di errori. Il valore della chiave non \u00E8 stato copiato."},
-        {"key.password.for.alias.", "password della chiave per <{0}>"},
-        {"Keystore.entry.for.id.getName.already.exists",
-                "La voce del keystore per <{0}> esiste gi\u00E0"},
-        {"Creating.keystore.entry.for.id.getName.",
-                "Creazione della voce del keystore per <{0}> in corso..."},
-        {"No.entries.from.identity.database.added",
-                "Nessuna voce aggiunta dal database delle identit\u00E0"},
-        {"Alias.name.alias", "Nome alias: {0}"},
-        {"Creation.date.keyStore.getCreationDate.alias.",
-                "Data di creazione: {0,date}"},
-        {"alias.keyStore.getCreationDate.alias.",
-                "{0}, {1,date}, "},
-        {"alias.", "{0}, "},
-        {"Entry.type.type.", "Tipo di voce: {0}"},
-        {"Certificate.chain.length.", "Lunghezza catena certificati: "},
-        {"Certificate.i.1.", "Certificato[{0,number,integer}]:"},
-        {"Certificate.fingerprint.SHA1.", "Impronta digitale certificato (SHA1): "},
-        {"Keystore.type.", "Tipo keystore: "},
-        {"Keystore.provider.", "Provider keystore: "},
-        {"Your.keystore.contains.keyStore.size.entry",
-                "Il keystore contiene {0,number,integer} voce"},
-        {"Your.keystore.contains.keyStore.size.entries",
-                "Il keystore contiene {0,number,integer} voci"},
-        {"Failed.to.parse.input", "Impossibile analizzare l'input"},
-        {"Empty.input", "Input vuoto"},
-        {"Not.X.509.certificate", "Il certificato non \u00E8 X.509"},
-        {"alias.has.no.public.key", "{0} non dispone di chiave pubblica"},
-        {"alias.has.no.X.509.certificate", "{0} non dispone di certificato X.509"},
-        {"New.certificate.self.signed.", "Nuovo certificato (autofirmato):"},
-        {"Reply.has.no.certificates", "La risposta non dispone di certificati"},
-        {"Certificate.not.imported.alias.alias.already.exists",
-                "Impossibile importare il certificato, l''alias <{0}> \u00E8 gi\u00E0 esistente"},
-        {"Input.not.an.X.509.certificate", "L'input non \u00E8 un certificato X.509"},
-        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
-                "Il certificato esiste gi\u00E0 nel keystore con alias <{0}>"},
-        {"Do.you.still.want.to.add.it.no.",
-                "Aggiungerlo ugualmente? [no]:  "},
-        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
-                "Il certificato esiste gi\u00E0 nel keystore CA con alias <{0}>"},
-        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
-                "Aggiungerlo al proprio keystore? [no]:  "},
-        {"Trust.this.certificate.no.", "Considerare sicuro questo certificato? [no]:  "},
-        {"YES", "S\u00EC"},
-        {"New.prompt.", "Nuova {0}: "},
-        {"Passwords.must.differ", "Le password non devono coincidere"},
-        {"Re.enter.new.prompt.", "Reimmettere un nuovo valore per {0}: "},
-        {"Re.enter.new.password.", "Immettere nuovamente la nuova password: "},
-        {"They.don.t.match.Try.again", "Non corrispondono. Riprovare."},
-        {"Enter.prompt.alias.name.", "Immettere nome alias {0}:  "},
-        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
-                 "Immettere un nuovo nome alias\t(premere INVIO per annullare l'importazione della voce):  "},
-        {"Enter.alias.name.", "Immettere nome alias:  "},
-        {".RETURN.if.same.as.for.otherAlias.",
-                "\t(INVIO se corrisponde al nome di <{0}>"},
-        {".PATTERN.printX509Cert",
-                "Proprietario: {0}\nAutorit\u00E0 emittente: {1}\nNumero di serie: {2}\nValido da: {3} a: {4}\nImpronte digitali certificato:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Nome algoritmo firma: {8}\n\t Versione: {9}"},
-        {"What.is.your.first.and.last.name.",
-                "Specificare nome e cognome"},
-        {"What.is.the.name.of.your.organizational.unit.",
-                "Specificare il nome dell'unit\u00E0 organizzativa"},
-        {"What.is.the.name.of.your.organization.",
-                "Specificare il nome dell'organizzazione"},
-        {"What.is.the.name.of.your.City.or.Locality.",
-                "Specificare la localit\u00E0"},
-        {"What.is.the.name.of.your.State.or.Province.",
-                "Specificare la provincia"},
-        {"What.is.the.two.letter.country.code.for.this.unit.",
-                "Specificare il codice a due lettere del paese in cui si trova l'unit\u00E0"},
-        {"Is.name.correct.", "Il dato {0} \u00E8 corretto?"},
-        {"no", "no"},
-        {"yes", "s\u00EC"},
-        {"y", "s"},
-        {".defaultValue.", "  [{0}]:  "},
-        {"Alias.alias.has.no.key",
-                "All''alias <{0}> non \u00E8 associata alcuna chiave"},
-        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
-                 "L''alias <{0}> fa riferimento a un tipo di voce che non \u00E8 una voce di chiave privata. Il comando -keyclone supporta solo la copia delle voci di chiave private."},
-
-        {".WARNING.WARNING.WARNING.",
-            "*****************  Avvertenza Avvertenza Avvertenza  *****************"},
-        {"Signer.d.", "Firmatario #%d:"},
-        {"Timestamp.", "Indicatore orario:"},
-        {"Signature.", "Firma:"},
-        {"CRLs.", "CRL:"},
-        {"Certificate.owner.", "Proprietario certificato: "},
-        {"Not.a.signed.jar.file", "Non \u00E8 un file jar firmato"},
-        {"No.certificate.from.the.SSL.server",
-                "Nessun certificato dal server SSL"},
-
-        {".The.integrity.of.the.information.stored.in.your.keystore.",
-            "* L'integrit\u00E0 delle informazioni memorizzate nel keystore *\n* NON \u00E8 stata verificata. Per verificarne l'integrit\u00E0 *\n* \u00E8 necessario fornire la password del keystore.                  *"},
-        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
-            "* L'integrit\u00E0 delle informazioni memorizzate nel srckeystore *\n* NON \u00E8 stata verificata. Per verificarne l'integrit\u00E0 *\n* \u00E8 necessario fornire la password del srckeystore.                  *"},
-
-        {"Certificate.reply.does.not.contain.public.key.for.alias.",
-                "La risposta del certificato non contiene la chiave pubblica per <{0}>"},
-        {"Incomplete.certificate.chain.in.reply",
-                "Catena dei certificati incompleta nella risposta"},
-        {"Certificate.chain.in.reply.does.not.verify.",
-                "La catena dei certificati nella risposta non verifica: "},
-        {"Top.level.certificate.in.reply.",
-                "Certificato di primo livello nella risposta:\n"},
-        {".is.not.trusted.", "...non \u00E8 considerato sicuro. "},
-        {"Install.reply.anyway.no.", "Installare la risposta? [no]:  "},
-        {"NO", "No"},
-        {"Public.keys.in.reply.and.keystore.don.t.match",
-                "Le chiavi pubbliche nella risposta e nel keystore non corrispondono"},
-        {"Certificate.reply.and.certificate.in.keystore.are.identical",
-                "La risposta del certificato e il certificato nel keystore sono identici"},
-        {"Failed.to.establish.chain.from.reply",
-                "Impossibile stabilire la catena dalla risposta"},
-        {"n", "n"},
-        {"Wrong.answer.try.again", "Risposta errata, riprovare"},
-        {"Secret.key.not.generated.alias.alias.already.exists",
-                "La chiave segreta non \u00E8 stata generata; l''alias <{0}> esiste gi\u00E0"},
-        {"Please.provide.keysize.for.secret.key.generation",
-                "Specificare il valore -keysize per la generazione della chiave segreta"},
-
-        {"Extensions.", "Estensioni: "},
-        {".Empty.value.", "(valore vuoto)"},
-        {"Extension.Request.", "Richiesta di estensione:"},
-        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
-                "Richiesta di certificato PKCS #10 (versione 1.0)\nOggetto: %s\nChiave pubblica: %s formato %s chiave\n"},
-        {"Unknown.keyUsage.type.", "Tipo keyUsage sconosciuto: "},
-        {"Unknown.extendedkeyUsage.type.", "Tipo extendedkeyUsage sconosciuto: "},
-        {"Unknown.AccessDescription.type.", "Tipo AccessDescription sconosciuto: "},
-        {"Unrecognized.GeneralName.type.", "Tipo GeneralName non riconosciuto: "},
-        {"This.extension.cannot.be.marked.as.critical.",
-                 "Impossibile contrassegnare questa estensione come critica. "},
-        {"Odd.number.of.hex.digits.found.", "\u00C8 stato trovato un numero dispari di cifre esadecimali: "},
-        {"Unknown.extension.type.", "Tipo di estensione sconosciuto: "},
-        {"command.{0}.is.ambiguous.", "il comando {0} \u00E8 ambiguo:"},
-
-        // policytool
-        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
-                "Avvertenza: non esiste una chiave pubblica per l''alias {0}. Verificare che il keystore sia configurato correttamente."},
-        {"Warning.Class.not.found.class", "Avvertenza: classe non trovata: {0}"},
-        {"Warning.Invalid.argument.s.for.constructor.arg",
-                "Avvertenza: argomento o argomenti non validi per il costruttore {0}"},
-        {"Illegal.Principal.Type.type", "Tipo principal non valido: {0}"},
-        {"Illegal.option.option", "Opzione non valida: {0}"},
-        {"Usage.policytool.options.", "Utilizzo: policytool [opzioni]"},
-        {".file.file.policy.file.location",
-                "  [-file <file>]    posizione del file dei criteri"},
-        {"New", "Nuovo"},
-        {"Open", "Apri"},
-        {"Save", "Salva"},
-        {"Save.As", "Salva con nome"},
-        {"View.Warning.Log", "Visualizza registro avvertenze"},
-        {"Exit", "Esci"},
-        {"Add.Policy.Entry", "Aggiungi voce dei criteri"},
-        {"Edit.Policy.Entry", "Modifica voce dei criteri"},
-        {"Remove.Policy.Entry", "Rimuovi voce dei criteri"},
-        {"Edit", "Modifica"},
-        {"Retain", "Mantieni"},
-
-        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
-            "Avvertenza: il nome file pu\u00F2 includere barre rovesciate con escape. Non \u00E8 necessario eseguire l'escape delle barre rovesciate (se necessario lo strumento esegue l'escape dei caratteri al momento della scrittura del contenuto dei criteri nell'area di memorizzazione persistente).\n\nFare click su Mantieni per conservare il nome immesso, oppure su Modifica per modificare il nome."},
-
-        {"Add.Public.Key.Alias", "Aggiungi alias chiave pubblica"},
-        {"Remove.Public.Key.Alias", "Rimuovi alias chiave pubblica"},
-        {"File", "File"},
-        {"KeyStore", "Keystore"},
-        {"Policy.File.", "File dei criteri:"},
-        {"Could.not.open.policy.file.policyFile.e.toString.",
-                "Impossibile aprire il file di criteri {0}: {1}"},
-        {"Policy.Tool", "Strumento criteri"},
-        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
-                "Si sono verificati errori durante l'apertura della configurazione dei criteri. Consultare il registro delle avvertenze per ulteriori informazioni."},
-        {"Error", "Errore"},
-        {"OK", "OK"},
-        {"Status", "Stato"},
-        {"Warning", "Avvertenza"},
-        {"Permission.",
-                "Autorizzazione:                                                       "},
-        {"Principal.Type.", "Tipo principal:"},
-        {"Principal.Name.", "Nome principal:"},
-        {"Target.Name.",
-                "Nome destinazione:                                                    "},
-        {"Actions.",
-                "Azioni:                                                             "},
-        {"OK.to.overwrite.existing.file.filename.",
-                "OK per sovrascrivere il file {0}?"},
-        {"Cancel", "Annulla"},
-        {"CodeBase.", "CodeBase:"},
-        {"SignedBy.", "SignedBy:"},
-        {"Add.Principal", "Aggiungi principal"},
-        {"Edit.Principal", "Modifica principal"},
-        {"Remove.Principal", "Rimuovi principal"},
-        {"Principals.", "Principal:"},
-        {".Add.Permission", "  Aggiungi autorizzazione"},
-        {".Edit.Permission", "  Modifica autorizzazione"},
-        {"Remove.Permission", "Rimuovi autorizzazione"},
-        {"Done", "Fine"},
-        {"KeyStore.URL.", "URL keystore:"},
-        {"KeyStore.Type.", "Tipo keystore:"},
-        {"KeyStore.Provider.", "Provider keystore:"},
-        {"KeyStore.Password.URL.", "URL password keystore:"},
-        {"Principals", "Principal:"},
-        {".Edit.Principal.", "  Modifica principal:"},
-        {".Add.New.Principal.", "  Aggiungi nuovo principal:"},
-        {"Permissions", "Autorizzazioni"},
-        {".Edit.Permission.", "  Modifica autorizzazione:"},
-        {".Add.New.Permission.", "  Aggiungi nuova autorizzazione:"},
-        {"Signed.By.", "Firmato da:"},
-        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
-            "Impossibile specificare principal con una classe carattere jolly senza un nome carattere jolly"},
-        {"Cannot.Specify.Principal.without.a.Name",
-            "Impossibile specificare principal senza un nome"},
-        {"Permission.and.Target.Name.must.have.a.value",
-                "L'autorizzazione e il nome destinazione non possono essere nulli"},
-        {"Remove.this.Policy.Entry.", "Rimuovere questa voce dei criteri?"},
-        {"Overwrite.File", "Sovrascrivi file"},
-        {"Policy.successfully.written.to.filename",
-                "I criteri sono stati scritti in {0}"},
-        {"null.filename", "nome file nullo"},
-        {"Save.changes.", "Salvare le modifiche?"},
-        {"Yes", "S\u00EC"},
-        {"No", "No"},
-        {"Policy.Entry", "Voce dei criteri"},
-        {"Save.Changes", "Salva le modifiche"},
-        {"No.Policy.Entry.selected", "Nessuna voce dei criteri selezionata"},
-        {"Unable.to.open.KeyStore.ex.toString.",
-                "Impossibile aprire il keystore: {0}"},
-        {"No.principal.selected", "Nessun principal selezionato"},
-        {"No.permission.selected", "Nessuna autorizzazione selezionata"},
-        {"name", "nome"},
-        {"configuration.type", "tipo di configurazione"},
-        {"environment.variable.name", "nome variabile ambiente"},
-        {"library.name", "nome libreria"},
-        {"package.name", "nome package"},
-        {"policy.type", "tipo di criteri"},
-        {"property.name", "nome propriet\u00E0"},
-        {"Principal.List", "Lista principal"},
-        {"Permission.List", "Lista autorizzazioni"},
-        {"Code.Base", "Codebase"},
-        {"KeyStore.U.R.L.", "URL keystore:"},
-        {"KeyStore.Password.U.R.L.", "URL password keystore:"},
-
-
         // javax.security.auth.PrivateCredentialPermission
         {"invalid.null.input.s.", "input nullo/i non valido/i"},
         {"actions.can.only.be.read.", "le azioni possono essere solamente 'lette'"},
@@ -553,6 +58,7 @@
         {"provided.null.OID.map", "specificata mappa OID null"},
 
         // javax.security.auth.Subject
+        {"NEWLINE", "\n"},
         {"invalid.null.AccessControlContext.provided",
                 "fornito un valore nullo non valido per AccessControlContext"},
         {"invalid.null.action.provided", "fornita un'azione nulla non valida"},
@@ -656,6 +162,7 @@
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }
--- a/jdk/src/share/classes/sun/security/util/Resources_ja.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/util/Resources_ja.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,501 +34,6 @@
 
     private static final Object[][] contents = {
 
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-        // shared (from keytool)
-        {"NEWLINE", "\n"},
-        {"STAR",
-                "*******************************************"},
-        {"STARNN",
-                "*******************************************\n\n"},
-
-        // keytool: Help part
-// "Option" should be translated.
-        {".OPTION.", " [\u30AA\u30D7\u30B7\u30E7\u30F3]..."},
-        {"Options.", "\u30AA\u30D7\u30B7\u30E7\u30F3:"},
-        {"Use.keytool.help.for.all.available.commands",
-                 "\u4F7F\u7528\u53EF\u80FD\u306A\u3059\u3079\u3066\u306E\u30B3\u30DE\u30F3\u30C9\u306B\u3064\u3044\u3066\u306F\"keytool -help\"\u3092\u4F7F\u7528\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {"Key.and.Certificate.Management.Tool",
-                 "\u30AD\u30FC\u304A\u3088\u3073\u8A3C\u660E\u66F8\u7BA1\u7406\u30C4\u30FC\u30EB"},
-        {"Commands.", "\u30B3\u30DE\u30F3\u30C9:"},
-        {"Use.keytool.command.name.help.for.usage.of.command.name",
-                "command_name\u306E\u4F7F\u7528\u65B9\u6CD5\u306B\u3064\u3044\u3066\u306F\"keytool -command_name -help\"\u3092\u4F7F\u7528\u3057\u3066\u304F\u3060\u3055\u3044"},
-        // keytool: help: commands
-        {"Generates.a.certificate.request",
-                "\u8A3C\u660E\u66F8\u30EA\u30AF\u30A8\u30B9\u30C8\u3092\u751F\u6210\u3057\u307E\u3059"}, //-certreq
-        {"Changes.an.entry.s.alias",
-                "\u30A8\u30F3\u30C8\u30EA\u306E\u5225\u540D\u3092\u5909\u66F4\u3057\u307E\u3059"}, //-changealias
-        {"Deletes.an.entry",
-                "\u30A8\u30F3\u30C8\u30EA\u3092\u524A\u9664\u3057\u307E\u3059"}, //-delete
-        {"Exports.certificate",
-                "\u8A3C\u660E\u66F8\u3092\u30A8\u30AF\u30B9\u30DD\u30FC\u30C8\u3057\u307E\u3059"}, //-exportcert
-        {"Generates.a.key.pair",
-                "\u9375\u30DA\u30A2\u3092\u751F\u6210\u3057\u307E\u3059"}, //-genkeypair
-// translation of "secret" key should be different to "private" key.
-        {"Generates.a.secret.key",
-                "\u79D8\u5BC6\u9375\u3092\u751F\u6210\u3057\u307E\u3059"}, //-genseckey
-        {"Generates.certificate.from.a.certificate.request",
-                "\u8A3C\u660E\u66F8\u30EA\u30AF\u30A8\u30B9\u30C8\u304B\u3089\u8A3C\u660E\u66F8\u3092\u751F\u6210\u3057\u307E\u3059"}, //-gencert
-        {"Generates.CRL", "CRL\u3092\u751F\u6210\u3057\u307E\u3059"}, //-gencrl
-        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
-                "JDK 1.1.x-style\u30A2\u30A4\u30C7\u30F3\u30C6\u30A3\u30C6\u30A3\u30FB\u30C7\u30FC\u30BF\u30D9\u30FC\u30B9\u304B\u3089\u30A8\u30F3\u30C8\u30EA\u3092\u30A4\u30F3\u30DD\u30FC\u30C8\u3057\u307E\u3059"}, //-identitydb
-        {"Imports.a.certificate.or.a.certificate.chain",
-                "\u8A3C\u660E\u66F8\u307E\u305F\u306F\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u3092\u30A4\u30F3\u30DD\u30FC\u30C8\u3057\u307E\u3059"}, //-importcert
-        {"Imports.one.or.all.entries.from.another.keystore",
-                "\u5225\u306E\u30AD\u30FC\u30B9\u30C8\u30A2\u304B\u30891\u3064\u307E\u305F\u306F\u3059\u3079\u3066\u306E\u30A8\u30F3\u30C8\u30EA\u3092\u30A4\u30F3\u30DD\u30FC\u30C8\u3057\u307E\u3059"}, //-importkeystore
-        {"Clones.a.key.entry",
-                "\u9375\u30A8\u30F3\u30C8\u30EA\u306E\u30AF\u30ED\u30FC\u30F3\u3092\u4F5C\u6210\u3057\u307E\u3059"}, //-keyclone
-        {"Changes.the.key.password.of.an.entry",
-                "\u30A8\u30F3\u30C8\u30EA\u306E\u9375\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5909\u66F4\u3057\u307E\u3059"}, //-keypasswd
-        {"Lists.entries.in.a.keystore",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u5185\u306E\u30A8\u30F3\u30C8\u30EA\u3092\u30EA\u30B9\u30C8\u3057\u307E\u3059"}, //-list
-        {"Prints.the.content.of.a.certificate",
-                "\u8A3C\u660E\u66F8\u306E\u5185\u5BB9\u3092\u51FA\u529B\u3057\u307E\u3059"}, //-printcert
-        {"Prints.the.content.of.a.certificate.request",
-                "\u8A3C\u660E\u66F8\u30EA\u30AF\u30A8\u30B9\u30C8\u306E\u5185\u5BB9\u3092\u51FA\u529B\u3057\u307E\u3059"}, //-printcertreq
-        {"Prints.the.content.of.a.CRL.file",
-                "CRL\u30D5\u30A1\u30A4\u30EB\u306E\u5185\u5BB9\u3092\u51FA\u529B\u3057\u307E\u3059"}, //-printcrl
-        {"Generates.a.self.signed.certificate",
-                "\u81EA\u5DF1\u7F72\u540D\u578B\u8A3C\u660E\u66F8\u3092\u751F\u6210\u3057\u307E\u3059"}, //-selfcert
-        {"Changes.the.store.password.of.a.keystore",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30B9\u30C8\u30A2\u30FB\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5909\u66F4\u3057\u307E\u3059"}, //-storepasswd
-        // keytool: help: options
-        {"alias.name.of.the.entry.to.process",
-                "\u51E6\u7406\u3059\u308B\u30A8\u30F3\u30C8\u30EA\u306E\u5225\u540D"}, //-alias
-        {"destination.alias",
-                "\u51FA\u529B\u5148\u306E\u5225\u540D"}, //-destalias
-        {"destination.key.password",
-                "\u51FA\u529B\u5148\u30AD\u30FC\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-destkeypass
-        {"destination.keystore.name",
-                "\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u540D"}, //-destkeystore
-        {"destination.keystore.password.protected",
-                "\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u4FDD\u8B77\u5BFE\u8C61\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-destprotected
-        {"destination.keystore.provider.name",
-                "\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D7\u30ED\u30D0\u30A4\u30C0\u540D"}, //-destprovidername
-        {"destination.keystore.password",
-                "\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-deststorepass
-        {"destination.keystore.type",
-                "\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30BF\u30A4\u30D7"}, //-deststoretype
-        {"distinguished.name",
-                "\u8B58\u5225\u540D"}, //-dname
-        {"X.509.extension",
-                "X.509\u62E1\u5F35"}, //-ext
-        {"output.file.name",
-                "\u51FA\u529B\u30D5\u30A1\u30A4\u30EB\u540D"}, //-file and -outfile
-        {"input.file.name",
-                "\u5165\u529B\u30D5\u30A1\u30A4\u30EB\u540D"}, //-file and -infile
-        {"key.algorithm.name",
-                "\u9375\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\u540D"}, //-keyalg
-        {"key.password",
-                "\u9375\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-keypass
-        {"key.bit.size",
-                "\u9375\u306E\u30D3\u30C3\u30C8\u30FB\u30B5\u30A4\u30BA"}, //-keysize
-        {"keystore.name",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u540D"}, //-keystore
-        {"new.password",
-                "\u65B0\u898F\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-new
-        {"do.not.prompt",
-                "\u30D7\u30ED\u30F3\u30D7\u30C8\u3092\u8868\u793A\u3057\u306A\u3044"}, //-noprompt
-        {"password.through.protected.mechanism",
-                "\u4FDD\u8B77\u30E1\u30AB\u30CB\u30BA\u30E0\u306B\u3088\u308B\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-protected
-        {"provider.argument",
-                "\u30D7\u30ED\u30D0\u30A4\u30C0\u5F15\u6570"}, //-providerarg
-        {"provider.class.name",
-                "\u30D7\u30ED\u30D0\u30A4\u30C0\u30FB\u30AF\u30E9\u30B9\u540D"}, //-providerclass
-        {"provider.name",
-                "\u30D7\u30ED\u30D0\u30A4\u30C0\u540D"}, //-providername
-        {"provider.classpath",
-                "\u30D7\u30ED\u30D0\u30A4\u30C0\u30FB\u30AF\u30E9\u30B9\u30D1\u30B9"}, //-providerpath
-        {"output.in.RFC.style",
-                "RFC\u30B9\u30BF\u30A4\u30EB\u306E\u51FA\u529B"}, //-rfc
-        {"signature.algorithm.name",
-                "\u7F72\u540D\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\u540D"}, //-sigalg
-        {"source.alias",
-                "\u30BD\u30FC\u30B9\u5225\u540D"}, //-srcalias
-        {"source.key.password",
-                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-srckeypass
-        {"source.keystore.name",
-                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u540D"}, //-srckeystore
-        {"source.keystore.password.protected",
-                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u4FDD\u8B77\u5BFE\u8C61\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-srcprotected
-        {"source.keystore.provider.name",
-                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D7\u30ED\u30D0\u30A4\u30C0\u540D"}, //-srcprovidername
-        {"source.keystore.password",
-                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-srcstorepass
-        {"source.keystore.type",
-                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30BF\u30A4\u30D7"}, //-srcstoretype
-        {"SSL.server.host.and.port",
-                "SSL\u30B5\u30FC\u30D0\u30FC\u306E\u30DB\u30B9\u30C8\u3068\u30DD\u30FC\u30C8"}, //-sslserver
-        {"signed.jar.file",
-                "\u7F72\u540D\u4ED8\u304DJAR\u30D5\u30A1\u30A4\u30EB"}, //=jarfile
-        {"certificate.validity.start.date.time",
-                "\u8A3C\u660E\u66F8\u306E\u6709\u52B9\u958B\u59CB\u65E5\u6642"}, //-startdate
-        {"keystore.password",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"}, //-storepass
-        {"keystore.type",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30BF\u30A4\u30D7"}, //-storetype
-        {"trust.certificates.from.cacerts",
-                "cacerts\u304B\u3089\u306E\u8A3C\u660E\u66F8\u3092\u4FE1\u983C\u3059\u308B"}, //-trustcacerts
-        {"verbose.output",
-                "\u8A73\u7D30\u51FA\u529B"}, //-v
-        {"validity.number.of.days",
-                "\u59A5\u5F53\u6027\u65E5\u6570"}, //-validity
-        {"Serial.ID.of.cert.to.revoke",
-                 "\u5931\u52B9\u3059\u308B\u8A3C\u660E\u66F8\u306E\u30B7\u30EA\u30A2\u30EBID"}, //-id
-        // keytool: Running part
-        {"keytool.error.", "keytool\u30A8\u30E9\u30FC: "},
-        {"Illegal.option.", "\u4E0D\u6B63\u306A\u30AA\u30D7\u30B7\u30E7\u30F3:  "},
-        {"Illegal.value.", "\u4E0D\u6B63\u306A\u5024: "},
-        {"Unknown.password.type.", "\u4E0D\u660E\u306A\u30D1\u30B9\u30EF\u30FC\u30C9\u30FB\u30BF\u30A4\u30D7: "},
-        {"Cannot.find.environment.variable.",
-                "\u74B0\u5883\u5909\u6570\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: "},
-        {"Cannot.find.file.", "\u30D5\u30A1\u30A4\u30EB\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: "},
-        {"Command.option.flag.needs.an.argument.", "\u30B3\u30DE\u30F3\u30C9\u30FB\u30AA\u30D7\u30B7\u30E7\u30F3{0}\u306B\u306F\u5F15\u6570\u304C\u5FC5\u8981\u3067\u3059\u3002"},
-        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
-                "\u8B66\u544A: PKCS12\u30AD\u30FC\u30B9\u30C8\u30A2\u3067\u306F\u3001\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3068\u9375\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u304C\u7570\u306A\u308B\u72B6\u6CC1\u306F\u30B5\u30DD\u30FC\u30C8\u3055\u308C\u307E\u305B\u3093\u3002\u30E6\u30FC\u30B6\u30FC\u304C\u6307\u5B9A\u3057\u305F{0}\u306E\u5024\u306F\u7121\u8996\u3057\u307E\u3059\u3002"},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "-storetype\u304C{0}\u306E\u5834\u5408\u3001-keystore\u306FNONE\u3067\u3042\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
-        {"Too.many.retries.program.terminated",
-                 "\u518D\u8A66\u884C\u304C\u591A\u3059\u304E\u307E\u3059\u3002\u30D7\u30ED\u30B0\u30E9\u30E0\u304C\u7D42\u4E86\u3057\u307E\u3057\u305F"},
-        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
-                "-storetype\u304C{0}\u306E\u5834\u5408\u3001-storepasswd\u30B3\u30DE\u30F3\u30C9\u304A\u3088\u3073-keypasswd\u30B3\u30DE\u30F3\u30C9\u306F\u30B5\u30DD\u30FC\u30C8\u3055\u308C\u307E\u305B\u3093"},
-        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
-                "-storetype\u304CPKCS12\u306E\u5834\u5408\u3001-keypasswd\u30B3\u30DE\u30F3\u30C9\u306F\u30B5\u30DD\u30FC\u30C8\u3055\u308C\u307E\u305B\u3093"},
-        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
-                "-storetype\u304C{0}\u306E\u5834\u5408\u3001-keypass\u3068-new\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
-        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
-                "-protected\u304C\u6307\u5B9A\u3055\u308C\u3066\u3044\u308B\u5834\u5408\u3001-storepass\u3001-keypass\u304A\u3088\u3073-new\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
-        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "-srcprotected\u304C\u6307\u5B9A\u3055\u308C\u3066\u3044\u308B\u5834\u5408\u3001-srcstorepass\u304A\u3088\u3073-srckeypass\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
-        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u304C\u30D1\u30B9\u30EF\u30FC\u30C9\u3067\u4FDD\u8B77\u3055\u308C\u3066\u3044\u306A\u3044\u5834\u5408\u3001-storepass\u3001-keypass\u304A\u3088\u3073-new\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
-        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u304C\u30D1\u30B9\u30EF\u30FC\u30C9\u3067\u4FDD\u8B77\u3055\u308C\u3066\u3044\u306A\u3044\u5834\u5408\u3001-srcstorepass\u304A\u3088\u3073-srckeypass\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
-        {"Illegal.startdate.value", "startdate\u5024\u304C\u7121\u52B9\u3067\u3059"},
-        {"Validity.must.be.greater.than.zero",
-                "\u59A5\u5F53\u6027\u306F\u30BC\u30ED\u3088\u308A\u5927\u304D\u3044\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
-        {"provName.not.a.provider", "{0}\u306F\u30D7\u30ED\u30D0\u30A4\u30C0\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
-        {"Usage.error.no.command.provided", "\u4F7F\u7528\u30A8\u30E9\u30FC: \u30B3\u30DE\u30F3\u30C9\u304C\u6307\u5B9A\u3055\u308C\u3066\u3044\u307E\u305B\u3093"},
-        {"Source.keystore.file.exists.but.is.empty.", "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D5\u30A1\u30A4\u30EB\u306F\u3001\u5B58\u5728\u3057\u307E\u3059\u304C\u7A7A\u3067\u3059: "},
-        {"Please.specify.srckeystore", "-srckeystore\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {"Must.not.specify.both.v.and.rfc.with.list.command",
-                "'list'\u30B3\u30DE\u30F3\u30C9\u306B-v\u3068-rfc\u306E\u4E21\u65B9\u3092\u6307\u5B9A\u3059\u308B\u3053\u3068\u306F\u3067\u304D\u307E\u305B\u3093"},
-        {"Key.password.must.be.at.least.6.characters",
-                "\u9375\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u306F6\u6587\u5B57\u4EE5\u4E0A\u3067\u3042\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
-        {"New.password.must.be.at.least.6.characters",
-                "\u65B0\u898F\u30D1\u30B9\u30EF\u30FC\u30C9\u306F6\u6587\u5B57\u4EE5\u4E0A\u3067\u3042\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
-        {"Keystore.file.exists.but.is.empty.",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D5\u30A1\u30A4\u30EB\u306F\u5B58\u5728\u3057\u307E\u3059\u304C\u3001\u7A7A\u3067\u3059: "},
-        {"Keystore.file.does.not.exist.",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D5\u30A1\u30A4\u30EB\u306F\u5B58\u5728\u3057\u307E\u305B\u3093: "},
-        {"Must.specify.destination.alias", "\u51FA\u529B\u5148\u306E\u5225\u540D\u3092\u6307\u5B9A\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
-        {"Must.specify.alias", "\u5225\u540D\u3092\u6307\u5B9A\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
-        {"Keystore.password.must.be.at.least.6.characters",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u306F6\u6587\u5B57\u4EE5\u4E0A\u3067\u3042\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
-        {"Enter.keystore.password.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044:  "},
-        {"Enter.source.keystore.password.", "\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044:  "},
-        {"Enter.destination.keystore.password.", "\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044:  "},
-        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
-         "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u304C\u77ED\u3059\u304E\u307E\u3059 - 6\u6587\u5B57\u4EE5\u4E0A\u306B\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {"Unknown.Entry.Type", "\u4E0D\u660E\u306A\u30A8\u30F3\u30C8\u30EA\u30FB\u30BF\u30A4\u30D7"},
-        {"Too.many.failures.Alias.not.changed", "\u969C\u5BB3\u304C\u591A\u3059\u304E\u307E\u3059\u3002\u5225\u540D\u306F\u5909\u66F4\u3055\u308C\u307E\u305B\u3093"},
-        {"Entry.for.alias.alias.successfully.imported.",
-                 "\u5225\u540D{0}\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u30A4\u30F3\u30DD\u30FC\u30C8\u306B\u6210\u529F\u3057\u307E\u3057\u305F\u3002"},
-        {"Entry.for.alias.alias.not.imported.", "\u5225\u540D{0}\u306E\u30A8\u30F3\u30C8\u30EA\u306F\u30A4\u30F3\u30DD\u30FC\u30C8\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F\u3002"},
-        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
-                 "\u5225\u540D{0}\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u30A4\u30F3\u30DD\u30FC\u30C8\u4E2D\u306B\u554F\u984C\u304C\u767A\u751F\u3057\u307E\u3057\u305F: {1}\u3002\n\u5225\u540D{0}\u306E\u30A8\u30F3\u30C8\u30EA\u306F\u30A4\u30F3\u30DD\u30FC\u30C8\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F\u3002"},
-        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
-                 "\u30A4\u30F3\u30DD\u30FC\u30C8\u30FB\u30B3\u30DE\u30F3\u30C9\u304C\u5B8C\u4E86\u3057\u307E\u3057\u305F: {0}\u4EF6\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u30A4\u30F3\u30DD\u30FC\u30C8\u304C\u6210\u529F\u3057\u307E\u3057\u305F\u3002{1}\u4EF6\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u30A4\u30F3\u30DD\u30FC\u30C8\u304C\u5931\u6557\u3057\u305F\u304B\u53D6\u308A\u6D88\u3055\u308C\u307E\u3057\u305F"},
-        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
-                 "\u8B66\u544A: \u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u5185\u306E\u65E2\u5B58\u306E\u5225\u540D{0}\u3092\u4E0A\u66F8\u304D\u3057\u3066\u3044\u307E\u3059"},
-        {"Existing.entry.alias.alias.exists.overwrite.no.",
-                 "\u65E2\u5B58\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u5225\u540D{0}\u304C\u5B58\u5728\u3057\u3066\u3044\u307E\u3059\u3002\u4E0A\u66F8\u304D\u3057\u307E\u3059\u304B\u3002[\u3044\u3044\u3048]:  "},
-        {"Too.many.failures.try.later", "\u969C\u5BB3\u304C\u591A\u3059\u304E\u307E\u3059 - \u5F8C\u3067\u5B9F\u884C\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {"Certification.request.stored.in.file.filename.",
-                "\u8A3C\u660E\u66F8\u30EA\u30AF\u30A8\u30B9\u30C8\u304C\u30D5\u30A1\u30A4\u30EB<{0}>\u306B\u4FDD\u5B58\u3055\u308C\u307E\u3057\u305F"},
-        {"Submit.this.to.your.CA", "\u3053\u308C\u3092CA\u306B\u63D0\u51FA\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
-            "\u5225\u540D\u3092\u6307\u5B9A\u3057\u306A\u3044\u5834\u5408\u3001\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u5225\u540D\u3001\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u304A\u3088\u3073\u51FA\u529B\u5148\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u306F\u6307\u5B9A\u3067\u304D\u307E\u305B\u3093"},
-        {"Certificate.stored.in.file.filename.",
-                "\u8A3C\u660E\u66F8\u304C\u30D5\u30A1\u30A4\u30EB<{0}>\u306B\u4FDD\u5B58\u3055\u308C\u307E\u3057\u305F"},
-        {"Certificate.reply.was.installed.in.keystore",
-                "\u8A3C\u660E\u66F8\u5FDC\u7B54\u304C\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u30A4\u30F3\u30B9\u30C8\u30FC\u30EB\u3055\u308C\u307E\u3057\u305F"},
-        {"Certificate.reply.was.not.installed.in.keystore",
-                "\u8A3C\u660E\u66F8\u5FDC\u7B54\u304C\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u30A4\u30F3\u30B9\u30C8\u30FC\u30EB\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F"},
-        {"Certificate.was.added.to.keystore",
-                "\u8A3C\u660E\u66F8\u304C\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u8FFD\u52A0\u3055\u308C\u307E\u3057\u305F"},
-        {"Certificate.was.not.added.to.keystore",
-                "\u8A3C\u660E\u66F8\u304C\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u8FFD\u52A0\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F"},
-        {".Storing.ksfname.", "[{0}\u3092\u683C\u7D0D\u4E2D]"},
-        {"alias.has.no.public.key.certificate.",
-                "{0}\u306B\u306F\u516C\u958B\u9375(\u8A3C\u660E\u66F8)\u304C\u3042\u308A\u307E\u305B\u3093"},
-        {"Cannot.derive.signature.algorithm",
-                "\u7F72\u540D\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\u3092\u53D6\u5F97\u3067\u304D\u307E\u305B\u3093"},
-        {"Alias.alias.does.not.exist",
-                "\u5225\u540D<{0}>\u306F\u5B58\u5728\u3057\u307E\u305B\u3093"},
-        {"Alias.alias.has.no.certificate",
-                "\u5225\u540D<{0}>\u306B\u306F\u8A3C\u660E\u66F8\u304C\u3042\u308A\u307E\u305B\u3093"},
-        {"Key.pair.not.generated.alias.alias.already.exists",
-                "\u9375\u30DA\u30A2\u306F\u751F\u6210\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F\u3002\u5225\u540D<{0}>\u306F\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
-        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
-                "{3}\u65E5\u9593\u6709\u52B9\u306A{0}\u30D3\u30C3\u30C8\u306E{1}\u306E\u9375\u30DA\u30A2\u3068\u81EA\u5DF1\u7F72\u540D\u578B\u8A3C\u660E\u66F8({2})\u3092\u751F\u6210\u3057\u3066\u3044\u307E\u3059\n\t\u30C7\u30A3\u30EC\u30AF\u30C8\u30EA\u540D: {4}"},
-        {"Enter.key.password.for.alias.", "<{0}>\u306E\u9375\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {".RETURN.if.same.as.keystore.password.",
-                "\t(\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3068\u540C\u3058\u5834\u5408\u306FRETURN\u3092\u62BC\u3057\u3066\u304F\u3060\u3055\u3044):  "},
-        {"Key.password.is.too.short.must.be.at.least.6.characters",
-                "\u9375\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u304C\u77ED\u3059\u304E\u307E\u3059 - 6\u6587\u5B57\u4EE5\u4E0A\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {"Too.many.failures.key.not.added.to.keystore",
-                "\u969C\u5BB3\u304C\u591A\u3059\u304E\u307E\u3059 - \u9375\u306F\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u8FFD\u52A0\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F"},
-        {"Destination.alias.dest.already.exists",
-                "\u51FA\u529B\u5148\u306E\u5225\u540D<{0}>\u306F\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
-        {"Password.is.too.short.must.be.at.least.6.characters",
-                "\u30D1\u30B9\u30EF\u30FC\u30C9\u304C\u77ED\u3059\u304E\u307E\u3059 - 6\u6587\u5B57\u4EE5\u4E0A\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {"Too.many.failures.Key.entry.not.cloned",
-                "\u969C\u5BB3\u304C\u591A\u3059\u304E\u307E\u3059\u3002\u9375\u30A8\u30F3\u30C8\u30EA\u306E\u30AF\u30ED\u30FC\u30F3\u306F\u4F5C\u6210\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F"},
-        {"key.password.for.alias.", "<{0}>\u306E\u9375\u306E\u30D1\u30B9\u30EF\u30FC\u30C9"},
-        {"Keystore.entry.for.id.getName.already.exists",
-                "<{0}>\u306E\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30A8\u30F3\u30C8\u30EA\u306F\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
-        {"Creating.keystore.entry.for.id.getName.",
-                "<{0}>\u306E\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30A8\u30F3\u30C8\u30EA\u3092\u4F5C\u6210\u4E2D..."},
-        {"No.entries.from.identity.database.added",
-                "\u30A2\u30A4\u30C7\u30F3\u30C6\u30A3\u30C6\u30A3\u30FB\u30C7\u30FC\u30BF\u30D9\u30FC\u30B9\u304B\u3089\u8FFD\u52A0\u3055\u308C\u305F\u30A8\u30F3\u30C8\u30EA\u306F\u3042\u308A\u307E\u305B\u3093"},
-        {"Alias.name.alias", "\u5225\u540D: {0}"},
-        {"Creation.date.keyStore.getCreationDate.alias.",
-                "\u4F5C\u6210\u65E5: {0,date}"},
-        {"alias.keyStore.getCreationDate.alias.",
-                "{0},{1,date}, "},
-        {"alias.", "{0}, "},
-        {"Entry.type.type.", "\u30A8\u30F3\u30C8\u30EA\u30FB\u30BF\u30A4\u30D7: {0}"},
-        {"Certificate.chain.length.", "\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u306E\u9577\u3055: "},
-        {"Certificate.i.1.", "\u8A3C\u660E\u66F8[{0,number,integer}]:"},
-        {"Certificate.fingerprint.SHA1.", "\u8A3C\u660E\u66F8\u306E\u30D5\u30A3\u30F3\u30AC\u30D7\u30EA\u30F3\u30C8(SHA1): "},
-        {"Keystore.type.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30BF\u30A4\u30D7: "},
-        {"Keystore.provider.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D7\u30ED\u30D0\u30A4\u30C0: "},
-        {"Your.keystore.contains.keyStore.size.entry",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u306F{0,number,integer}\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u307E\u3059"},
-        {"Your.keystore.contains.keyStore.size.entries",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u306F{0,number,integer}\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u307E\u3059"},
-        {"Failed.to.parse.input", "\u5165\u529B\u306E\u69CB\u6587\u89E3\u6790\u306B\u5931\u6557\u3057\u307E\u3057\u305F"},
-        {"Empty.input", "\u5165\u529B\u304C\u3042\u308A\u307E\u305B\u3093"},
-        {"Not.X.509.certificate", "X.509\u8A3C\u660E\u66F8\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
-        {"alias.has.no.public.key", "{0}\u306B\u306F\u516C\u958B\u9375\u304C\u3042\u308A\u307E\u305B\u3093"},
-        {"alias.has.no.X.509.certificate", "{0}\u306B\u306FX.509\u8A3C\u660E\u66F8\u304C\u3042\u308A\u307E\u305B\u3093"},
-        {"New.certificate.self.signed.", "\u65B0\u3057\u3044\u8A3C\u660E\u66F8(\u81EA\u5DF1\u7F72\u540D\u578B):"},
-        {"Reply.has.no.certificates", "\u5FDC\u7B54\u306B\u306F\u8A3C\u660E\u66F8\u304C\u3042\u308A\u307E\u305B\u3093"},
-        {"Certificate.not.imported.alias.alias.already.exists",
-                "\u8A3C\u660E\u66F8\u306F\u30A4\u30F3\u30DD\u30FC\u30C8\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F\u3002\u5225\u540D<{0}>\u306F\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
-        {"Input.not.an.X.509.certificate", "\u5165\u529B\u306FX.509\u8A3C\u660E\u66F8\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
-        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
-                "\u8A3C\u660E\u66F8\u306F\u3001\u5225\u540D<{0}>\u306E\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
-        {"Do.you.still.want.to.add.it.no.",
-                "\u8FFD\u52A0\u3057\u307E\u3059\u304B\u3002[\u3044\u3044\u3048]:  "},
-        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
-                "\u8A3C\u660E\u66F8\u306F\u3001\u5225\u540D<{0}>\u306E\u30B7\u30B9\u30C6\u30E0\u898F\u6A21\u306ECA\u30AD\u30FC\u30B9\u30C8\u30A2\u5185\u306B\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
-        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u8FFD\u52A0\u3057\u307E\u3059\u304B\u3002 [\u3044\u3044\u3048]:  "},
-        {"Trust.this.certificate.no.", "\u3053\u306E\u8A3C\u660E\u66F8\u3092\u4FE1\u983C\u3057\u307E\u3059\u304B\u3002 [\u3044\u3044\u3048]:  "},
-        {"YES", "\u306F\u3044"},
-        {"New.prompt.", "\u65B0\u898F{0}: "},
-        {"Passwords.must.differ", "\u30D1\u30B9\u30EF\u30FC\u30C9\u306F\u7570\u306A\u3063\u3066\u3044\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
-        {"Re.enter.new.prompt.", "\u65B0\u898F{0}\u3092\u518D\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044: "},
-        {"Re.enter.new.password.", "\u65B0\u898F\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u518D\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044: "},
-        {"They.don.t.match.Try.again", "\u4E00\u81F4\u3057\u307E\u305B\u3093\u3002\u3082\u3046\u4E00\u5EA6\u5B9F\u884C\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {"Enter.prompt.alias.name.", "{0}\u306E\u5225\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044:  "},
-        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
-                 "\u65B0\u3057\u3044\u5225\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\t(\u3053\u306E\u30A8\u30F3\u30C8\u30EA\u306E\u30A4\u30F3\u30DD\u30FC\u30C8\u3092\u53D6\u308A\u6D88\u3059\u5834\u5408\u306FRETURN\u3092\u62BC\u3057\u3066\u304F\u3060\u3055\u3044):  "},
-        {"Enter.alias.name.", "\u5225\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044:  "},
-        {".RETURN.if.same.as.for.otherAlias.",
-                "\t(<{0}>\u3068\u540C\u3058\u5834\u5408\u306FRETURN\u3092\u62BC\u3057\u3066\u304F\u3060\u3055\u3044)"},
-        {".PATTERN.printX509Cert",
-                "\u6240\u6709\u8005: {0}\n\u767A\u884C\u8005: {1}\n\u30B7\u30EA\u30A2\u30EB\u756A\u53F7: {2}\n\u6709\u52B9\u671F\u9593\u306E\u958B\u59CB\u65E5: {3}\u7D42\u4E86\u65E5: {4}\n\u8A3C\u660E\u66F8\u306E\u30D5\u30A3\u30F3\u30AC\u30D7\u30EA\u30F3\u30C8:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t \u7F72\u540D\u30A2\u30EB\u30B4\u30EA\u30BA\u30E0\u540D: {8}\n\t \u30D0\u30FC\u30B8\u30E7\u30F3: {9}"},
-        {"What.is.your.first.and.last.name.",
-                "\u59D3\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
-        {"What.is.the.name.of.your.organizational.unit.",
-                "\u7D44\u7E54\u5358\u4F4D\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
-        {"What.is.the.name.of.your.organization.",
-                "\u7D44\u7E54\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
-        {"What.is.the.name.of.your.City.or.Locality.",
-                "\u90FD\u5E02\u540D\u307E\u305F\u306F\u5730\u57DF\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
-        {"What.is.the.name.of.your.State.or.Province.",
-                "\u90FD\u9053\u5E9C\u770C\u540D\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
-        {"What.is.the.two.letter.country.code.for.this.unit.",
-                "\u3053\u306E\u5358\u4F4D\u306B\u8A72\u5F53\u3059\u308B2\u6587\u5B57\u306E\u56FD\u30B3\u30FC\u30C9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
-        {"Is.name.correct.", "{0}\u3067\u3088\u308D\u3057\u3044\u3067\u3059\u304B\u3002"},
-        {"no", "\u3044\u3044\u3048"},
-        {"yes", "\u306F\u3044"},
-        {"y", "y"},
-        {".defaultValue.", "  [{0}]:  "},
-        {"Alias.alias.has.no.key",
-                "\u5225\u540D<{0}>\u306B\u306F\u9375\u304C\u3042\u308A\u307E\u305B\u3093"},
-        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
-                 "\u5225\u540D<{0}>\u304C\u53C2\u7167\u3057\u3066\u3044\u308B\u30A8\u30F3\u30C8\u30EA\u30FB\u30BF\u30A4\u30D7\u306F\u79D8\u5BC6\u9375\u30A8\u30F3\u30C8\u30EA\u3067\u306F\u3042\u308A\u307E\u305B\u3093\u3002-keyclone\u30B3\u30DE\u30F3\u30C9\u306F\u79D8\u5BC6\u9375\u30A8\u30F3\u30C8\u30EA\u306E\u30AF\u30ED\u30FC\u30F3\u4F5C\u6210\u306E\u307F\u3092\u30B5\u30DD\u30FC\u30C8\u3057\u307E\u3059"},
-
-        {".WARNING.WARNING.WARNING.",
-            "*****************\u8B66\u544A \u8B66\u544A \u8B66\u544A*****************"},
-        {"Signer.d.", "\u7F72\u540D\u8005\u756A\u53F7%d:"},
-        {"Timestamp.", "\u30BF\u30A4\u30E0\u30B9\u30BF\u30F3\u30D7:"},
-        {"Signature.", "\u7F72\u540D:"},
-        {"CRLs.", "CRL:"},
-        {"Certificate.owner.", "\u8A3C\u660E\u66F8\u306E\u6240\u6709\u8005: "},
-        {"Not.a.signed.jar.file", "\u7F72\u540D\u4ED8\u304DJAR\u30D5\u30A1\u30A4\u30EB\u3067\u306F\u3042\u308A\u307E\u305B\u3093"},
-        {"No.certificate.from.the.SSL.server",
-                "SSL\u30B5\u30FC\u30D0\u30FC\u304B\u3089\u306E\u8A3C\u660E\u66F8\u304C\u3042\u308A\u307E\u305B\u3093"},
-
-        {".The.integrity.of.the.information.stored.in.your.keystore.",
-            "*\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u4FDD\u5B58\u3055\u308C\u305F\u60C5\u5831\u306E\u6574\u5408\u6027\u306F*\n*\u691C\u8A3C\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002\u6574\u5408\u6027\u3092\u691C\u8A3C\u3059\u308B\u306B\u306F*\n*\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059\u3002*"},
-        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
-            "*\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306B\u4FDD\u5B58\u3055\u308C\u305F\u60C5\u5831\u306E\u6574\u5408\u6027\u306F*\n*\u691C\u8A3C\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002\u6574\u5408\u6027\u3092\u691C\u8A3C\u3059\u308B\u306B\u306F*\n*\u30BD\u30FC\u30B9\u30FB\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30D1\u30B9\u30EF\u30FC\u30C9\u3092\u5165\u529B\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059\u3002*"},
-
-        {"Certificate.reply.does.not.contain.public.key.for.alias.",
-                "\u8A3C\u660E\u66F8\u5FDC\u7B54\u306B\u306F\u3001<{0}>\u306E\u516C\u958B\u9375\u306F\u542B\u307E\u308C\u307E\u305B\u3093"},
-        {"Incomplete.certificate.chain.in.reply",
-                "\u5FDC\u7B54\u3057\u305F\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u306F\u4E0D\u5B8C\u5168\u3067\u3059"},
-        {"Certificate.chain.in.reply.does.not.verify.",
-                "\u5FDC\u7B54\u3057\u305F\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u306F\u691C\u8A3C\u3055\u308C\u3066\u3044\u307E\u305B\u3093: "},
-        {"Top.level.certificate.in.reply.",
-                "\u5FDC\u7B54\u3057\u305F\u30C8\u30C3\u30D7\u30EC\u30D9\u30EB\u306E\u8A3C\u660E\u66F8:\n"},
-        {".is.not.trusted.", "... \u306F\u4FE1\u983C\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002 "},
-        {"Install.reply.anyway.no.", "\u5FDC\u7B54\u3092\u30A4\u30F3\u30B9\u30C8\u30FC\u30EB\u3057\u307E\u3059\u304B\u3002[\u3044\u3044\u3048]:  "},
-        {"NO", "\u3044\u3044\u3048"},
-        {"Public.keys.in.reply.and.keystore.don.t.match",
-                "\u5FDC\u7B54\u3057\u305F\u516C\u958B\u9375\u3068\u30AD\u30FC\u30B9\u30C8\u30A2\u304C\u4E00\u81F4\u3057\u307E\u305B\u3093"},
-        {"Certificate.reply.and.certificate.in.keystore.are.identical",
-                "\u8A3C\u660E\u66F8\u5FDC\u7B54\u3068\u30AD\u30FC\u30B9\u30C8\u30A2\u5185\u306E\u8A3C\u660E\u66F8\u304C\u540C\u3058\u3067\u3059"},
-        {"Failed.to.establish.chain.from.reply",
-                "\u5FDC\u7B54\u304B\u3089\u9023\u9396\u3092\u78BA\u7ACB\u3067\u304D\u307E\u305B\u3093\u3067\u3057\u305F"},
-        {"n", "n"},
-        {"Wrong.answer.try.again", "\u5FDC\u7B54\u304C\u9593\u9055\u3063\u3066\u3044\u307E\u3059\u3002\u3082\u3046\u4E00\u5EA6\u5B9F\u884C\u3057\u3066\u304F\u3060\u3055\u3044"},
-        {"Secret.key.not.generated.alias.alias.already.exists",
-                "\u79D8\u5BC6\u9375\u306F\u751F\u6210\u3055\u308C\u307E\u305B\u3093\u3067\u3057\u305F\u3002\u5225\u540D<{0}>\u306F\u3059\u3067\u306B\u5B58\u5728\u3057\u307E\u3059"},
-        {"Please.provide.keysize.for.secret.key.generation",
-                "\u79D8\u5BC6\u9375\u306E\u751F\u6210\u6642\u306B\u306F -keysize\u3092\u6307\u5B9A\u3057\u3066\u304F\u3060\u3055\u3044"},
-
-        {"Extensions.", "\u62E1\u5F35: "},
-        {".Empty.value.", "(\u7A7A\u306E\u5024)"},
-        {"Extension.Request.", "\u62E1\u5F35\u30EA\u30AF\u30A8\u30B9\u30C8:"},
-        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
-                "PKCS #10\u8A3C\u660E\u66F8\u30EA\u30AF\u30A8\u30B9\u30C8(\u30D0\u30FC\u30B8\u30E7\u30F31.0)\n\u30B5\u30D6\u30B8\u30A7\u30AF\u30C8: %s\n\u516C\u958B\u9375: %s \u30D5\u30A9\u30FC\u30DE\u30C3\u30C8 %s \u30AD\u30FC\n"},
-        {"Unknown.keyUsage.type.", "\u4E0D\u660E\u306AkeyUsage\u30BF\u30A4\u30D7: "},
-        {"Unknown.extendedkeyUsage.type.", "\u4E0D\u660E\u306AextendedkeyUsage\u30BF\u30A4\u30D7: "},
-        {"Unknown.AccessDescription.type.", "\u4E0D\u660E\u306AAccessDescription\u30BF\u30A4\u30D7: "},
-        {"Unrecognized.GeneralName.type.", "\u8A8D\u8B58\u3055\u308C\u306A\u3044GeneralName\u30BF\u30A4\u30D7: "},
-        {"This.extension.cannot.be.marked.as.critical.",
-                 "\u3053\u306E\u62E1\u5F35\u306F\u30AF\u30EA\u30C6\u30A3\u30AB\u30EB\u3068\u3057\u3066\u30DE\u30FC\u30AF\u4ED8\u3051\u3067\u304D\u307E\u305B\u3093\u3002 "},
-        {"Odd.number.of.hex.digits.found.", "\u5947\u6570\u306E16\u9032\u6570\u304C\u898B\u3064\u304B\u308A\u307E\u3057\u305F: "},
-        {"Unknown.extension.type.", "\u4E0D\u660E\u306A\u62E1\u5F35\u30BF\u30A4\u30D7: "},
-        {"command.{0}.is.ambiguous.", "\u30B3\u30DE\u30F3\u30C9{0}\u306F\u3042\u3044\u307E\u3044\u3067\u3059:"},
-
-        // policytool
-        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
-                "\u8B66\u544A: \u5225\u540D{0}\u306E\u516C\u958B\u9375\u304C\u5B58\u5728\u3057\u307E\u305B\u3093\u3002\u30AD\u30FC\u30B9\u30C8\u30A2\u304C\u6B63\u3057\u304F\u69CB\u6210\u3055\u308C\u3066\u3044\u308B\u3053\u3068\u3092\u78BA\u8A8D\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
-        {"Warning.Class.not.found.class", "\u8B66\u544A: \u30AF\u30E9\u30B9\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: {0}"},
-        {"Warning.Invalid.argument.s.for.constructor.arg",
-                "\u8B66\u544A: \u30B3\u30F3\u30B9\u30C8\u30E9\u30AF\u30BF\u306E\u5F15\u6570\u304C\u7121\u52B9\u3067\u3059: {0}"},
-        {"Illegal.Principal.Type.type", "\u4E0D\u6B63\u306A\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u30BF\u30A4\u30D7: {0}"},
-        {"Illegal.option.option", "\u4E0D\u6B63\u306A\u30AA\u30D7\u30B7\u30E7\u30F3: {0}"},
-        {"Usage.policytool.options.", "\u4F7F\u7528\u65B9\u6CD5: policytool [options]"},
-        {".file.file.policy.file.location",
-                "  [-file <file>]  \u30DD\u30EA\u30B7\u30FC\u30FB\u30D5\u30A1\u30A4\u30EB\u306E\u5834\u6240"},
-        {"New", "\u65B0\u898F"},
-        {"Open", "\u958B\u304F"},
-        {"Save", "\u4FDD\u5B58"},
-        {"Save.As", "\u5225\u540D\u4FDD\u5B58"},
-        {"View.Warning.Log", "\u8B66\u544A\u30ED\u30B0\u306E\u8868\u793A"},
-        {"Exit", "\u7D42\u4E86"},
-        {"Add.Policy.Entry", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30A8\u30F3\u30C8\u30EA\u306E\u8FFD\u52A0"},
-        {"Edit.Policy.Entry", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30A8\u30F3\u30C8\u30EA\u306E\u7DE8\u96C6"},
-        {"Remove.Policy.Entry", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30A8\u30F3\u30C8\u30EA\u306E\u524A\u9664"},
-        {"Edit", "\u7DE8\u96C6"},
-        {"Retain", "\u4FDD\u6301"},
-
-        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
-            "\u8B66\u544A: \u30D5\u30A1\u30A4\u30EB\u540D\u306B\u30A8\u30B9\u30B1\u30FC\u30D7\u3055\u308C\u305F\u30D0\u30C3\u30AF\u30B9\u30E9\u30C3\u30B7\u30E5\u6587\u5B57\u304C\u542B\u307E\u308C\u3066\u3044\u308B\u53EF\u80FD\u6027\u304C\u3042\u308A\u307E\u3059\u3002\u30D0\u30C3\u30AF\u30B9\u30E9\u30C3\u30B7\u30E5\u6587\u5B57\u3092\u30A8\u30B9\u30B1\u30FC\u30D7\u3059\u308B\u5FC5\u8981\u306F\u3042\u308A\u307E\u305B\u3093(\u30C4\u30FC\u30EB\u306F\u30DD\u30EA\u30B7\u30FC\u5185\u5BB9\u3092\u6C38\u7D9A\u30B9\u30C8\u30A2\u306B\u66F8\u304D\u8FBC\u3080\u3068\u304D\u306B\u3001\u5FC5\u8981\u306B\u5FDC\u3058\u3066\u6587\u5B57\u3092\u30A8\u30B9\u30B1\u30FC\u30D7\u3057\u307E\u3059)\u3002\n\n\u5165\u529B\u6E08\u306E\u540D\u524D\u3092\u4FDD\u6301\u3059\u308B\u306B\u306F\u300C\u4FDD\u6301\u300D\u3092\u30AF\u30EA\u30C3\u30AF\u3057\u3001\u540D\u524D\u3092\u7DE8\u96C6\u3059\u308B\u306B\u306F\u300C\u7DE8\u96C6\u300D\u3092\u30AF\u30EA\u30C3\u30AF\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
-
-        {"Add.Public.Key.Alias", "\u516C\u958B\u9375\u306E\u5225\u540D\u306E\u8FFD\u52A0"},
-        {"Remove.Public.Key.Alias", "\u516C\u958B\u9375\u306E\u5225\u540D\u3092\u524A\u9664"},
-        {"File", "\u30D5\u30A1\u30A4\u30EB"},
-        {"KeyStore", "\u30AD\u30FC\u30B9\u30C8\u30A2"},
-        {"Policy.File.", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30D5\u30A1\u30A4\u30EB:"},
-        {"Could.not.open.policy.file.policyFile.e.toString.",
-                "\u30DD\u30EA\u30B7\u30FC\u30FB\u30D5\u30A1\u30A4\u30EB\u3092\u958B\u3051\u307E\u305B\u3093\u3067\u3057\u305F: {0}: {1}"},
-        {"Policy.Tool", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30C4\u30FC\u30EB"},
-        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
-                "\u30DD\u30EA\u30B7\u30FC\u69CB\u6210\u3092\u958B\u304F\u3068\u304D\u306B\u30A8\u30E9\u30FC\u304C\u767A\u751F\u3057\u307E\u3057\u305F\u3002\u8A73\u7D30\u306F\u8B66\u544A\u30ED\u30B0\u3092\u53C2\u7167\u3057\u3066\u304F\u3060\u3055\u3044\u3002"},
-        {"Error", "\u30A8\u30E9\u30FC"},
-        {"OK", "OK"},
-        {"Status", "\u72B6\u614B"},
-        {"Warning", "\u8B66\u544A"},
-        {"Permission.",
-                "\u30A2\u30AF\u30BB\u30B9\u6A29:                                                       "},
-        {"Principal.Type.", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u30BF\u30A4\u30D7:"},
-        {"Principal.Name.", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u540D\u524D:"},
-        {"Target.Name.",
-                "\u30BF\u30FC\u30B2\u30C3\u30C8\u540D:                                                    "},
-        {"Actions.",
-                "\u30A2\u30AF\u30B7\u30E7\u30F3:                                                             "},
-        {"OK.to.overwrite.existing.file.filename.",
-                "\u65E2\u5B58\u306E\u30D5\u30A1\u30A4\u30EB{0}\u306B\u4E0A\u66F8\u304D\u3057\u307E\u3059\u304B\u3002"},
-        {"Cancel", "\u53D6\u6D88"},
-        {"CodeBase.", "CodeBase:"},
-        {"SignedBy.", "SignedBy:"},
-        {"Add.Principal", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u8FFD\u52A0"},
-        {"Edit.Principal", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u7DE8\u96C6"},
-        {"Remove.Principal", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u524A\u9664"},
-        {"Principals.", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB:"},
-        {".Add.Permission", "  \u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u8FFD\u52A0"},
-        {".Edit.Permission", "  \u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u7DE8\u96C6"},
-        {"Remove.Permission", "\u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u524A\u9664"},
-        {"Done", "\u5B8C\u4E86"},
-        {"KeyStore.URL.", "\u30AD\u30FC\u30B9\u30C8\u30A2URL:"},
-        {"KeyStore.Type.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u306E\u30BF\u30A4\u30D7:"},
-        {"KeyStore.Provider.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D7\u30ED\u30D0\u30A4\u30C0:"},
-        {"KeyStore.Password.URL.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D1\u30B9\u30EF\u30FC\u30C9URL:"},
-        {"Principals", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB"},
-        {".Edit.Principal.", "  \u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u7DE8\u96C6:"},
-        {".Add.New.Principal.", "  \u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u65B0\u898F\u8FFD\u52A0:"},
-        {"Permissions", "\u30A2\u30AF\u30BB\u30B9\u6A29"},
-        {".Edit.Permission.", "  \u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u7DE8\u96C6:"},
-        {".Add.New.Permission.", "  \u65B0\u898F\u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u8FFD\u52A0:"},
-        {"Signed.By.", "\u7F72\u540D\u8005:"},
-        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
-            "\u30EF\u30A4\u30EB\u30C9\u30AB\u30FC\u30C9\u540D\u306E\u306A\u3044\u30EF\u30A4\u30EB\u30C9\u30AB\u30FC\u30C9\u30FB\u30AF\u30E9\u30B9\u3092\u4F7F\u7528\u3057\u3066\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u3092\u6307\u5B9A\u3059\u308B\u3053\u3068\u306F\u3067\u304D\u307E\u305B\u3093"},
-        {"Cannot.Specify.Principal.without.a.Name",
-            "\u540D\u524D\u3092\u4F7F\u7528\u305B\u305A\u306B\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u3092\u6307\u5B9A\u3059\u308B\u3053\u3068\u306F\u3067\u304D\u307E\u305B\u3093"},
-        {"Permission.and.Target.Name.must.have.a.value",
-                "\u30A2\u30AF\u30BB\u30B9\u6A29\u3068\u30BF\u30FC\u30B2\u30C3\u30C8\u540D\u306F\u3001\u5024\u3092\u4FDD\u6301\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059"},
-        {"Remove.this.Policy.Entry.", "\u3053\u306E\u30DD\u30EA\u30B7\u30FC\u30FB\u30A8\u30F3\u30C8\u30EA\u3092\u524A\u9664\u3057\u307E\u3059\u304B\u3002"},
-        {"Overwrite.File", "\u30D5\u30A1\u30A4\u30EB\u3092\u4E0A\u66F8\u304D\u3057\u307E\u3059"},
-        {"Policy.successfully.written.to.filename",
-                "\u30DD\u30EA\u30B7\u30FC\u306E{0}\u3078\u306E\u66F8\u8FBC\u307F\u306B\u6210\u529F\u3057\u307E\u3057\u305F"},
-        {"null.filename", "\u30D5\u30A1\u30A4\u30EB\u540D\u304Cnull\u3067\u3059"},
-        {"Save.changes.", "\u5909\u66F4\u3092\u4FDD\u5B58\u3057\u307E\u3059\u304B\u3002"},
-        {"Yes", "\u306F\u3044"},
-        {"No", "\u3044\u3044\u3048"},
-        {"Policy.Entry", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30A8\u30F3\u30C8\u30EA"},
-        {"Save.Changes", "\u5909\u66F4\u3092\u4FDD\u5B58\u3057\u307E\u3059"},
-        {"No.Policy.Entry.selected", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30A8\u30F3\u30C8\u30EA\u304C\u9078\u629E\u3055\u308C\u3066\u3044\u307E\u305B\u3093"},
-        {"Unable.to.open.KeyStore.ex.toString.",
-                "\u30AD\u30FC\u30B9\u30C8\u30A2{0}\u3092\u958B\u3051\u307E\u305B\u3093"},
-        {"No.principal.selected", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u304C\u9078\u629E\u3055\u308C\u3066\u3044\u307E\u305B\u3093"},
-        {"No.permission.selected", "\u30A2\u30AF\u30BB\u30B9\u6A29\u304C\u9078\u629E\u3055\u308C\u3066\u3044\u307E\u305B\u3093"},
-        {"name", "\u540D\u524D"},
-        {"configuration.type", "\u69CB\u6210\u30BF\u30A4\u30D7"},
-        {"environment.variable.name", "\u74B0\u5883\u5909\u6570\u540D"},
-        {"library.name", "\u30E9\u30A4\u30D6\u30E9\u30EA\u540D"},
-        {"package.name", "\u30D1\u30C3\u30B1\u30FC\u30B8\u540D"},
-        {"policy.type", "\u30DD\u30EA\u30B7\u30FC\u30FB\u30BF\u30A4\u30D7"},
-        {"property.name", "\u30D7\u30ED\u30D1\u30C6\u30A3\u540D"},
-        {"Principal.List", "\u30D7\u30EA\u30F3\u30B7\u30D1\u30EB\u306E\u30EA\u30B9\u30C8"},
-        {"Permission.List", "\u30A2\u30AF\u30BB\u30B9\u6A29\u306E\u30EA\u30B9\u30C8"},
-        {"Code.Base", "\u30B3\u30FC\u30C9\u30FB\u30D9\u30FC\u30B9"},
-        {"KeyStore.U.R.L.", "\u30AD\u30FC\u30B9\u30C8\u30A2U R L:"},
-        {"KeyStore.Password.U.R.L.", "\u30AD\u30FC\u30B9\u30C8\u30A2\u30FB\u30D1\u30B9\u30EF\u30FC\u30C9U R L:"},
-
-
         // javax.security.auth.PrivateCredentialPermission
         {"invalid.null.input.s.", "null\u306E\u5165\u529B\u306F\u7121\u52B9\u3067\u3059"},
         {"actions.can.only.be.read.", "\u30A2\u30AF\u30B7\u30E7\u30F3\u306F'\u8AAD\u8FBC\u307F'\u306E\u307F\u53EF\u80FD\u3067\u3059"},
@@ -553,6 +58,7 @@
         {"provided.null.OID.map", "null\u306EOID\u30DE\u30C3\u30D7\u304C\u6307\u5B9A\u3055\u308C\u307E\u3057\u305F"},
 
         // javax.security.auth.Subject
+        {"NEWLINE", "\n"},
         {"invalid.null.AccessControlContext.provided",
                 "\u7121\u52B9\u306Anull AccessControlContext\u304C\u6307\u5B9A\u3055\u308C\u307E\u3057\u305F"},
         {"invalid.null.action.provided", "\u7121\u52B9\u306Anull\u30A2\u30AF\u30B7\u30E7\u30F3\u304C\u6307\u5B9A\u3055\u308C\u307E\u3057\u305F"},
@@ -656,6 +162,7 @@
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }
--- a/jdk/src/share/classes/sun/security/util/Resources_ko.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/util/Resources_ko.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,501 +34,6 @@
 
     private static final Object[][] contents = {
 
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-        // shared (from keytool)
-        {"NEWLINE", "\n"},
-        {"STAR",
-                "*******************************************"},
-        {"STARNN",
-                "*******************************************\n\n"},
-
-        // keytool: Help part
-// "Option" should be translated.
-        {".OPTION.", " [\uC635\uC158]..."},
-        {"Options.", "\uC635\uC158:"},
-        {"Use.keytool.help.for.all.available.commands",
-                 "\uC0AC\uC6A9 \uAC00\uB2A5\uD55C \uBAA8\uB4E0 \uBA85\uB839\uC5D0 \"keytool -help\" \uC0AC\uC6A9"},
-        {"Key.and.Certificate.Management.Tool",
-                 "\uD0A4 \uBC0F \uC778\uC99D\uC11C \uAD00\uB9AC \uD234"},
-        {"Commands.", "\uBA85\uB839:"},
-        {"Use.keytool.command.name.help.for.usage.of.command.name",
-                "command_name \uC0AC\uC6A9\uBC95\uC5D0 \"keytool -command_name -help\" \uC0AC\uC6A9"},
-        // keytool: help: commands
-        {"Generates.a.certificate.request",
-                "\uC778\uC99D\uC11C \uC694\uCCAD\uC744 \uC0DD\uC131\uD569\uB2C8\uB2E4."}, //-certreq
-        {"Changes.an.entry.s.alias",
-                "\uD56D\uBAA9\uC758 \uBCC4\uCE6D\uC744 \uBCC0\uACBD\uD569\uB2C8\uB2E4."}, //-changealias
-        {"Deletes.an.entry",
-                "\uD56D\uBAA9\uC744 \uC0AD\uC81C\uD569\uB2C8\uB2E4."}, //-delete
-        {"Exports.certificate",
-                "\uC778\uC99D\uC11C\uB97C \uC775\uC2A4\uD3EC\uD2B8\uD569\uB2C8\uB2E4."}, //-exportcert
-        {"Generates.a.key.pair",
-                "\uD0A4 \uC30D\uC744 \uC0DD\uC131\uD569\uB2C8\uB2E4."}, //-genkeypair
-// translation of "secret" key should be different to "private" key.
-        {"Generates.a.secret.key",
-                "\uBCF4\uC548 \uD0A4\uB97C \uC0DD\uC131\uD569\uB2C8\uB2E4."}, //-genseckey
-        {"Generates.certificate.from.a.certificate.request",
-                "\uC778\uC99D\uC11C \uC694\uCCAD\uC5D0\uC11C \uC778\uC99D\uC11C\uB97C \uC0DD\uC131\uD569\uB2C8\uB2E4."}, //-gencert
-        {"Generates.CRL", "CRL\uC744 \uC0DD\uC131\uD569\uB2C8\uB2E4."}, //-gencrl
-        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
-                "JDK 1.1.x \uC2A4\uD0C0\uC77C ID \uB370\uC774\uD130\uBCA0\uC774\uC2A4\uC5D0\uC11C \uD56D\uBAA9\uC744 \uC784\uD3EC\uD2B8\uD569\uB2C8\uB2E4."}, //-identitydb
-        {"Imports.a.certificate.or.a.certificate.chain",
-                "\uC778\uC99D\uC11C \uB610\uB294 \uC778\uC99D\uC11C \uCCB4\uC778\uC744 \uC784\uD3EC\uD2B8\uD569\uB2C8\uB2E4."}, //-importcert
-        {"Imports.one.or.all.entries.from.another.keystore",
-                "\uB2E4\uB978 \uD0A4 \uC800\uC7A5\uC18C\uC5D0\uC11C \uD558\uB098 \uB610\uB294 \uBAA8\uB4E0 \uD56D\uBAA9\uC744 \uC784\uD3EC\uD2B8\uD569\uB2C8\uB2E4."}, //-importkeystore
-        {"Clones.a.key.entry",
-                "\uD0A4 \uD56D\uBAA9\uC744 \uBCF5\uC81C\uD569\uB2C8\uB2E4."}, //-keyclone
-        {"Changes.the.key.password.of.an.entry",
-                "\uD56D\uBAA9\uC758 \uD0A4 \uBE44\uBC00\uBC88\uD638\uB97C \uBCC0\uACBD\uD569\uB2C8\uB2E4."}, //-keypasswd
-        {"Lists.entries.in.a.keystore",
-                "\uD0A4 \uC800\uC7A5\uC18C\uC758 \uD56D\uBAA9\uC744 \uB098\uC5F4\uD569\uB2C8\uB2E4."}, //-list
-        {"Prints.the.content.of.a.certificate",
-                "\uC778\uC99D\uC11C\uC758 \uCF58\uD150\uCE20\uB97C \uC778\uC1C4\uD569\uB2C8\uB2E4."}, //-printcert
-        {"Prints.the.content.of.a.certificate.request",
-                "\uC778\uC99D\uC11C \uC694\uCCAD\uC758 \uCF58\uD150\uCE20\uB97C \uC778\uC1C4\uD569\uB2C8\uB2E4."}, //-printcertreq
-        {"Prints.the.content.of.a.CRL.file",
-                "CRL \uD30C\uC77C\uC758 \uCF58\uD150\uCE20\uB97C \uC778\uC1C4\uD569\uB2C8\uB2E4."}, //-printcrl
-        {"Generates.a.self.signed.certificate",
-                "\uC790\uCCB4 \uC11C\uBA85\uB41C \uC778\uC99D\uC11C\uB97C \uC0DD\uC131\uD569\uB2C8\uB2E4."}, //-selfcert
-        {"Changes.the.store.password.of.a.keystore",
-                "\uD0A4 \uC800\uC7A5\uC18C\uC758 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uB97C \uBCC0\uACBD\uD569\uB2C8\uB2E4."}, //-storepasswd
-        // keytool: help: options
-        {"alias.name.of.the.entry.to.process",
-                "\uCC98\uB9AC\uD560 \uD56D\uBAA9\uC758 \uBCC4\uCE6D \uC774\uB984"}, //-alias
-        {"destination.alias",
-                "\uB300\uC0C1 \uBCC4\uCE6D"}, //-destalias
-        {"destination.key.password",
-                "\uB300\uC0C1 \uD0A4 \uBE44\uBC00\uBC88\uD638"}, //-destkeypass
-        {"destination.keystore.name",
-                "\uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C \uC774\uB984"}, //-destkeystore
-        {"destination.keystore.password.protected",
-                "\uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uB85C \uBCF4\uD638\uB428"}, //-destprotected
-        {"destination.keystore.provider.name",
-                "\uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C \uC81C\uACF5\uC790 \uC774\uB984"}, //-destprovidername
-        {"destination.keystore.password",
-                "\uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638"}, //-deststorepass
-        {"destination.keystore.type",
-                "\uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C \uC720\uD615"}, //-deststoretype
-        {"distinguished.name",
-                "\uC2DD\uBCC4 \uC774\uB984"}, //-dname
-        {"X.509.extension",
-                "X.509 \uD655\uC7A5"}, //-ext
-        {"output.file.name",
-                "\uCD9C\uB825 \uD30C\uC77C \uC774\uB984"}, //-file and -outfile
-        {"input.file.name",
-                "\uC785\uB825 \uD30C\uC77C \uC774\uB984"}, //-file and -infile
-        {"key.algorithm.name",
-                "\uD0A4 \uC54C\uACE0\uB9AC\uC998 \uC774\uB984"}, //-keyalg
-        {"key.password",
-                "\uD0A4 \uBE44\uBC00\uBC88\uD638"}, //-keypass
-        {"key.bit.size",
-                "\uD0A4 \uBE44\uD2B8 \uD06C\uAE30"}, //-keysize
-        {"keystore.name",
-                "\uD0A4 \uC800\uC7A5\uC18C \uC774\uB984"}, //-keystore
-        {"new.password",
-                "\uC0C8 \uBE44\uBC00\uBC88\uD638"}, //-new
-        {"do.not.prompt",
-                "\uD655\uC778\uD558\uC9C0 \uC54A\uC74C"}, //-noprompt
-        {"password.through.protected.mechanism",
-                "\uBCF4\uD638\uB418\uB294 \uBA54\uCEE4\uB2C8\uC998\uC744 \uD1B5\uD55C \uBE44\uBC00\uBC88\uD638"}, //-protected
-        {"provider.argument",
-                "\uC81C\uACF5\uC790 \uC778\uC218"}, //-providerarg
-        {"provider.class.name",
-                "\uC81C\uACF5\uC790 \uD074\uB798\uC2A4 \uC774\uB984"}, //-providerclass
-        {"provider.name",
-                "\uC81C\uACF5\uC790 \uC774\uB984"}, //-providername
-        {"provider.classpath",
-                "\uC81C\uACF5\uC790 \uD074\uB798\uC2A4 \uACBD\uB85C"}, //-providerpath
-        {"output.in.RFC.style",
-                "RFC \uC2A4\uD0C0\uC77C\uC758 \uCD9C\uB825"}, //-rfc
-        {"signature.algorithm.name",
-                "\uC11C\uBA85 \uC54C\uACE0\uB9AC\uC998 \uC774\uB984"}, //-sigalg
-        {"source.alias",
-                "\uC18C\uC2A4 \uBCC4\uCE6D"}, //-srcalias
-        {"source.key.password",
-                "\uC18C\uC2A4 \uD0A4 \uBE44\uBC00\uBC88\uD638"}, //-srckeypass
-        {"source.keystore.name",
-                "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uC774\uB984"}, //-srckeystore
-        {"source.keystore.password.protected",
-                "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uB85C \uBCF4\uD638\uB428"}, //-srcprotected
-        {"source.keystore.provider.name",
-                "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uC81C\uACF5\uC790 \uC774\uB984"}, //-srcprovidername
-        {"source.keystore.password",
-                "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638"}, //-srcstorepass
-        {"source.keystore.type",
-                "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uC720\uD615"}, //-srcstoretype
-        {"SSL.server.host.and.port",
-                "SSL \uC11C\uBC84 \uD638\uC2A4\uD2B8 \uBC0F \uD3EC\uD2B8"}, //-sslserver
-        {"signed.jar.file",
-                "\uC11C\uBA85\uB41C jar \uD30C\uC77C"}, //=jarfile
-        {"certificate.validity.start.date.time",
-                "\uC778\uC99D\uC11C \uC720\uD6A8 \uAE30\uAC04 \uC2DC\uC791 \uB0A0\uC9DC/\uC2DC\uAC04"}, //-startdate
-        {"keystore.password",
-                "\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638"}, //-storepass
-        {"keystore.type",
-                "\uD0A4 \uC800\uC7A5\uC18C \uC720\uD615"}, //-storetype
-        {"trust.certificates.from.cacerts",
-                "cacerts\uC758 \uBCF4\uC548 \uC778\uC99D\uC11C"}, //-trustcacerts
-        {"verbose.output",
-                "\uC0C1\uC138 \uC815\uBCF4 \uCD9C\uB825"}, //-v
-        {"validity.number.of.days",
-                "\uC720\uD6A8 \uAE30\uAC04 \uC77C \uC218"}, //-validity
-        {"Serial.ID.of.cert.to.revoke",
-                 "\uCCA0\uD68C\uD560 \uC778\uC99D\uC11C\uC758 \uC77C\uB828 ID"}, //-id
-        // keytool: Running part
-        {"keytool.error.", "keytool \uC624\uB958: "},
-        {"Illegal.option.", "\uC798\uBABB\uB41C \uC635\uC158:   "},
-        {"Illegal.value.", "\uC798\uBABB\uB41C \uAC12: "},
-        {"Unknown.password.type.", "\uC54C \uC218 \uC5C6\uB294 \uBE44\uBC00\uBC88\uD638 \uC720\uD615: "},
-        {"Cannot.find.environment.variable.",
-                "\uD658\uACBD \uBCC0\uC218\uB97C \uCC3E\uC744 \uC218 \uC5C6\uC74C: "},
-        {"Cannot.find.file.", "\uD30C\uC77C\uC744 \uCC3E\uC744 \uC218 \uC5C6\uC74C: "},
-        {"Command.option.flag.needs.an.argument.", "\uBA85\uB839 \uC635\uC158 {0}\uC5D0 \uC778\uC218\uAC00 \uD544\uC694\uD569\uB2C8\uB2E4."},
-        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
-                "\uACBD\uACE0: \uB2E4\uB978 \uC800\uC7A5\uC18C \uBC0F \uD0A4 \uBE44\uBC00\uBC88\uD638\uB294 PKCS12 KeyStores\uC5D0 \uB300\uD574 \uC9C0\uC6D0\uB418\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4. \uC0AC\uC6A9\uC790\uAC00 \uC9C0\uC815\uD55C {0} \uAC12\uC744 \uBB34\uC2DC\uD558\uB294 \uC911\uC785\uB2C8\uB2E4."},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "-storetype\uC774 {0}\uC778 \uACBD\uC6B0 -keystore\uB294 NONE\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
-        {"Too.many.retries.program.terminated",
-                 "\uC7AC\uC2DC\uB3C4 \uD69F\uC218\uAC00 \uB108\uBB34 \uB9CE\uC544 \uD504\uB85C\uADF8\uB7A8\uC774 \uC885\uB8CC\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
-        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
-                "-storetype\uC774 {0}\uC778 \uACBD\uC6B0 -storepasswd \uBC0F -keypasswd \uBA85\uB839\uC774 \uC9C0\uC6D0\uB418\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."},
-        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
-                "-storetype\uC774 PKCS12\uC778 \uACBD\uC6B0 -keypasswd \uBA85\uB839\uC774 \uC9C0\uC6D0\uB418\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."},
-        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
-                "-storetype\uC774 {0}\uC778 \uACBD\uC6B0 -keypass \uBC0F -new\uB97C \uC9C0\uC815\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
-                "-protected\uB97C \uC9C0\uC815\uD55C \uACBD\uC6B0 -storepass, -keypass \uBC0F -new\uB97C \uC9C0\uC815\uD558\uC9C0 \uC54A\uC544\uC57C \uD569\uB2C8\uB2E4."},
-        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "-srcprotected\uB97C \uC9C0\uC815\uD55C \uACBD\uC6B0 -srcstorepass \uBC0F -srckeypass\uB97C \uC9C0\uC815\uD558\uC9C0 \uC54A\uC544\uC57C \uD569\uB2C8\uB2E4."},
-        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
-                "\uD0A4 \uC800\uC7A5\uC18C\uAC00 \uBE44\uBC00\uBC88\uD638\uB85C \uBCF4\uD638\uB418\uC9C0 \uC54A\uB294 \uACBD\uC6B0 -storepass, -keypass \uBC0F -new\uB97C \uC9C0\uC815\uD558\uC9C0 \uC54A\uC544\uC57C \uD569\uB2C8\uB2E4."},
-        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C\uAC00 \uBE44\uBC00\uBC88\uD638\uB85C \uBCF4\uD638\uB418\uC9C0 \uC54A\uB294 \uACBD\uC6B0 -srcstorepass \uBC0F -srckeypass\uB97C \uC9C0\uC815\uD558\uC9C0 \uC54A\uC544\uC57C \uD569\uB2C8\uB2E4."},
-        {"Illegal.startdate.value", "startdate \uAC12\uC774 \uC798\uBABB\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
-        {"Validity.must.be.greater.than.zero",
-                "\uC720\uD6A8 \uAE30\uAC04\uC740 0\uBCF4\uB2E4 \uCEE4\uC57C \uD569\uB2C8\uB2E4."},
-        {"provName.not.a.provider", "{0}\uC740(\uB294) \uC81C\uACF5\uC790\uAC00 \uC544\uB2D9\uB2C8\uB2E4."},
-        {"Usage.error.no.command.provided", "\uC0AC\uC6A9\uBC95 \uC624\uB958: \uBA85\uB839\uC744 \uC785\uB825\uD558\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
-        {"Source.keystore.file.exists.but.is.empty.", "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uD30C\uC77C\uC774 \uC874\uC7AC\uD558\uC9C0\uB9CC \uBE44\uC5B4 \uC788\uC74C: "},
-        {"Please.specify.srckeystore", "-srckeystore\uB97C \uC9C0\uC815\uD558\uC2ED\uC2DC\uC624."},
-        {"Must.not.specify.both.v.and.rfc.with.list.command",
-                "'list' \uBA85\uB839\uC5D0 -v\uC640 -rfc\uB97C \uD568\uAED8 \uC9C0\uC815\uD558\uC9C0 \uC54A\uC544\uC57C \uD569\uB2C8\uB2E4."},
-        {"Key.password.must.be.at.least.6.characters",
-                "\uD0A4 \uBE44\uBC00\uBC88\uD638\uB294 6\uC790 \uC774\uC0C1\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
-        {"New.password.must.be.at.least.6.characters",
-                "\uC0C8 \uBE44\uBC00\uBC88\uD638\uB294 6\uC790 \uC774\uC0C1\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
-        {"Keystore.file.exists.but.is.empty.",
-                "\uD0A4 \uC800\uC7A5\uC18C \uD30C\uC77C\uC774 \uC874\uC7AC\uD558\uC9C0\uB9CC \uBE44\uC5B4 \uC788\uC74C: "},
-        {"Keystore.file.does.not.exist.",
-                "\uD0A4 \uC800\uC7A5\uC18C \uD30C\uC77C\uC774 \uC874\uC7AC\uD558\uC9C0 \uC54A\uC74C: "},
-        {"Must.specify.destination.alias", "\uB300\uC0C1 \uBCC4\uCE6D\uC744 \uC9C0\uC815\uD574\uC57C \uD569\uB2C8\uB2E4."},
-        {"Must.specify.alias", "\uBCC4\uCE6D\uC744 \uC9C0\uC815\uD574\uC57C \uD569\uB2C8\uB2E4."},
-        {"Keystore.password.must.be.at.least.6.characters",
-                "\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uB294 6\uC790 \uC774\uC0C1\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
-        {"Enter.keystore.password.", "\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638 \uC785\uB825:  "},
-        {"Enter.source.keystore.password.", "\uC18C\uC2A4 \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638 \uC785\uB825:  "},
-        {"Enter.destination.keystore.password.", "\uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638 \uC785\uB825:  "},
-        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
-         "\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uAC00 \uB108\uBB34 \uC9E7\uC74C - 6\uC790 \uC774\uC0C1\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
-        {"Unknown.Entry.Type", "\uC54C \uC218 \uC5C6\uB294 \uD56D\uBAA9 \uC720\uD615"},
-        {"Too.many.failures.Alias.not.changed", "\uC624\uB958\uAC00 \uB108\uBB34 \uB9CE\uC2B5\uB2C8\uB2E4. \uBCC4\uCE6D\uC774 \uBCC0\uACBD\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
-        {"Entry.for.alias.alias.successfully.imported.",
-                 "{0} \uBCC4\uCE6D\uC5D0 \uB300\uD55C \uD56D\uBAA9\uC774 \uC131\uACF5\uC801\uC73C\uB85C \uC784\uD3EC\uD2B8\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
-        {"Entry.for.alias.alias.not.imported.", "{0} \uBCC4\uCE6D\uC5D0 \uB300\uD55C \uD56D\uBAA9\uC774 \uC784\uD3EC\uD2B8\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
-        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
-                 "{0} \uBCC4\uCE6D\uC5D0 \uB300\uD55C \uD56D\uBAA9\uC744 \uC784\uD3EC\uD2B8\uD558\uB294 \uC911 \uBB38\uC81C \uBC1C\uC0DD: {1}.\n{0} \uBCC4\uCE6D\uC5D0 \uB300\uD55C \uD56D\uBAA9\uC774 \uC784\uD3EC\uD2B8\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
-        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
-                 "\uC784\uD3EC\uD2B8 \uBA85\uB839 \uC644\uB8CC: \uC131\uACF5\uC801\uC73C\uB85C \uC784\uD3EC\uD2B8\uB41C \uD56D\uBAA9\uC740 {0}\uAC1C, \uC2E4\uD328\uD558\uAC70\uB098 \uCDE8\uC18C\uB41C \uD56D\uBAA9\uC740 {1}\uAC1C\uC785\uB2C8\uB2E4."},
-        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
-                 "\uACBD\uACE0: \uB300\uC0C1 \uD0A4 \uC800\uC7A5\uC18C\uC5D0\uC11C \uAE30\uC874 \uBCC4\uCE6D {0}\uC744(\uB97C) \uACB9\uCCD0 \uC4F0\uB294 \uC911"},
-        {"Existing.entry.alias.alias.exists.overwrite.no.",
-                 "\uAE30\uC874 \uD56D\uBAA9 \uBCC4\uCE6D {0}\uC774(\uAC00) \uC874\uC7AC\uD569\uB2C8\uB2E4. \uACB9\uCCD0 \uC4F0\uACA0\uC2B5\uB2C8\uAE4C? [\uC544\uB2C8\uC624]:  "},
-        {"Too.many.failures.try.later", "\uC624\uB958\uAC00 \uB108\uBB34 \uB9CE\uC74C - \uB098\uC911\uC5D0 \uC2DC\uB3C4\uD558\uC2ED\uC2DC\uC624."},
-        {"Certification.request.stored.in.file.filename.",
-                "\uC778\uC99D \uC694\uCCAD\uC774 <{0}> \uD30C\uC77C\uC5D0 \uC800\uC7A5\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
-        {"Submit.this.to.your.CA", "CA\uC5D0\uAC8C \uC81C\uCD9C\uD558\uC2ED\uC2DC\uC624."},
-        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
-            "\uBCC4\uCE6D\uC744 \uC9C0\uC815\uD558\uC9C0 \uC54A\uC740 \uACBD\uC6B0 destalias, srckeypass \uBC0F destkeypass\uB97C \uC9C0\uC815\uD558\uC9C0 \uC54A\uC544\uC57C \uD569\uB2C8\uB2E4."},
-        {"Certificate.stored.in.file.filename.",
-                "\uC778\uC99D\uC11C\uAC00 <{0}> \uD30C\uC77C\uC5D0 \uC800\uC7A5\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
-        {"Certificate.reply.was.installed.in.keystore",
-                "\uC778\uC99D\uC11C \uD68C\uC2E0\uC774 \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uC124\uCE58\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
-        {"Certificate.reply.was.not.installed.in.keystore",
-                "\uC778\uC99D\uC11C \uD68C\uC2E0\uC774 \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uC124\uCE58\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
-        {"Certificate.was.added.to.keystore",
-                "\uC778\uC99D\uC11C\uAC00 \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uCD94\uAC00\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
-        {"Certificate.was.not.added.to.keystore",
-                "\uC778\uC99D\uC11C\uAC00 \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uCD94\uAC00\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
-        {".Storing.ksfname.", "[{0}\uC744(\uB97C) \uC800\uC7A5\uD558\uB294 \uC911]"},
-        {"alias.has.no.public.key.certificate.",
-                "{0}\uC5D0 \uACF5\uC6A9 \uD0A4(\uC778\uC99D\uC11C)\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"Cannot.derive.signature.algorithm",
-                "\uC11C\uBA85 \uC54C\uACE0\uB9AC\uC998\uC744 \uD30C\uC0DD\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"Alias.alias.does.not.exist",
-                "<{0}> \uBCC4\uCE6D\uC774 \uC874\uC7AC\uD558\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."},
-        {"Alias.alias.has.no.certificate",
-                "<{0}> \uBCC4\uCE6D\uC5D0 \uC778\uC99D\uC11C\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"Key.pair.not.generated.alias.alias.already.exists",
-                "\uD0A4 \uC30D\uC774 \uC0DD\uC131\uB418\uC9C0 \uC54A\uC558\uC73C\uBA70 <{0}> \uBCC4\uCE6D\uC774 \uC874\uC7AC\uD569\uB2C8\uB2E4."},
-        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
-                "\uB2E4\uC74C\uC5D0 \uB300\uD574 \uC720\uD6A8 \uAE30\uAC04\uC774 {3}\uC77C\uC778 {0}\uBE44\uD2B8 {1} \uD0A4 \uC30D \uBC0F \uC790\uCCB4 \uC11C\uBA85\uB41C \uC778\uC99D\uC11C({2})\uB97C \uC0DD\uC131\uD558\uB294 \uC911\n\t: {4}"},
-        {"Enter.key.password.for.alias.", "<{0}>\uC5D0 \uB300\uD55C \uD0A4 \uBE44\uBC00\uBC88\uD638\uB97C \uC785\uB825\uD558\uC2ED\uC2DC\uC624."},
-        {".RETURN.if.same.as.keystore.password.",
-                "\t(\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uC640 \uB3D9\uC77C\uD55C \uACBD\uC6B0 Enter \uD0A4\uB97C \uB204\uB984):  "},
-        {"Key.password.is.too.short.must.be.at.least.6.characters",
-                "\uD0A4 \uBE44\uBC00\uBC88\uD638\uAC00 \uB108\uBB34 \uC9E7\uC74C - 6\uC790 \uC774\uC0C1\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
-        {"Too.many.failures.key.not.added.to.keystore",
-                "\uC624\uB958\uAC00 \uB108\uBB34 \uB9CE\uC74C - \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uD0A4\uAC00 \uCD94\uAC00\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
-        {"Destination.alias.dest.already.exists",
-                "\uB300\uC0C1 \uBCC4\uCE6D <{0}>\uC774(\uAC00) \uC874\uC7AC\uD569\uB2C8\uB2E4."},
-        {"Password.is.too.short.must.be.at.least.6.characters",
-                "\uBE44\uBC00\uBC88\uD638\uAC00 \uB108\uBB34 \uC9E7\uC74C - 6\uC790 \uC774\uC0C1\uC774\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
-        {"Too.many.failures.Key.entry.not.cloned",
-                "\uC624\uB958\uAC00 \uB108\uBB34 \uB9CE\uC2B5\uB2C8\uB2E4. \uD0A4 \uD56D\uBAA9\uC774 \uBCF5\uC81C\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4."},
-        {"key.password.for.alias.", "<{0}>\uC5D0 \uB300\uD55C \uD0A4 \uBE44\uBC00\uBC88\uD638"},
-        {"Keystore.entry.for.id.getName.already.exists",
-                "<{0}>\uC5D0 \uB300\uD55C \uD0A4 \uC800\uC7A5\uC18C \uD56D\uBAA9\uC774 \uC874\uC7AC\uD569\uB2C8\uB2E4."},
-        {"Creating.keystore.entry.for.id.getName.",
-                "<{0}>\uC5D0 \uB300\uD55C \uD0A4 \uC800\uC7A5\uC18C \uD56D\uBAA9\uC744 \uC0DD\uC131\uD558\uB294 \uC911..."},
-        {"No.entries.from.identity.database.added",
-                "ID \uB370\uC774\uD130\uBCA0\uC774\uC2A4\uC5D0\uC11C \uCD94\uAC00\uB41C \uD56D\uBAA9\uC774 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"Alias.name.alias", "\uBCC4\uCE6D \uC774\uB984: {0}"},
-        {"Creation.date.keyStore.getCreationDate.alias.",
-                "\uC0DD\uC131 \uB0A0\uC9DC: {0,date}"},
-        {"alias.keyStore.getCreationDate.alias.",
-                "{0}, {1,date}, "},
-        {"alias.", "{0}, "},
-        {"Entry.type.type.", "\uD56D\uBAA9 \uC720\uD615: {0}"},
-        {"Certificate.chain.length.", "\uC778\uC99D\uC11C \uCCB4\uC778 \uAE38\uC774: "},
-        {"Certificate.i.1.", "\uC778\uC99D\uC11C[{0,number,integer}]:"},
-        {"Certificate.fingerprint.SHA1.", "\uC778\uC99D\uC11C \uC9C0\uBB38(SHA1): "},
-        {"Keystore.type.", "\uD0A4 \uC800\uC7A5\uC18C \uC720\uD615: "},
-        {"Keystore.provider.", "\uD0A4 \uC800\uC7A5\uC18C \uC81C\uACF5\uC790: "},
-        {"Your.keystore.contains.keyStore.size.entry",
-                "\uD0A4 \uC800\uC7A5\uC18C\uC5D0 {0,number,integer}\uAC1C\uC758 \uD56D\uBAA9\uC774 \uD3EC\uD568\uB418\uC5B4 \uC788\uC2B5\uB2C8\uB2E4."},
-        {"Your.keystore.contains.keyStore.size.entries",
-                "\uD0A4 \uC800\uC7A5\uC18C\uC5D0 {0,number,integer}\uAC1C\uC758 \uD56D\uBAA9\uC774 \uD3EC\uD568\uB418\uC5B4 \uC788\uC2B5\uB2C8\uB2E4."},
-        {"Failed.to.parse.input", "\uC785\uB825\uAC12\uC758 \uAD6C\uBB38 \uBD84\uC11D\uC744 \uC2E4\uD328\uD588\uC2B5\uB2C8\uB2E4."},
-        {"Empty.input", "\uC785\uB825\uAC12\uC774 \uBE44\uC5B4 \uC788\uC2B5\uB2C8\uB2E4."},
-        {"Not.X.509.certificate", "X.509 \uC778\uC99D\uC11C\uAC00 \uC544\uB2D9\uB2C8\uB2E4."},
-        {"alias.has.no.public.key", "{0}\uC5D0 \uACF5\uC6A9 \uD0A4\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"alias.has.no.X.509.certificate", "{0}\uC5D0 X.509 \uC778\uC99D\uC11C\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"New.certificate.self.signed.", "\uC0C8 \uC778\uC99D\uC11C(\uC790\uCCB4 \uC11C\uBA85):"},
-        {"Reply.has.no.certificates", "\uD68C\uC2E0\uC5D0 \uC778\uC99D\uC11C\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"Certificate.not.imported.alias.alias.already.exists",
-                "\uC778\uC99D\uC11C\uAC00 \uC784\uD3EC\uD2B8\uB418\uC9C0 \uC54A\uC558\uC73C\uBA70 <{0}> \uBCC4\uCE6D\uC774 \uC874\uC7AC\uD569\uB2C8\uB2E4."},
-        {"Input.not.an.X.509.certificate", "\uC785\uB825\uC774 X.509 \uC778\uC99D\uC11C\uAC00 \uC544\uB2D9\uB2C8\uB2E4."},
-        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
-                "\uC778\uC99D\uC11C\uAC00 <{0}> \uBCC4\uCE6D \uC544\uB798\uC758 \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uC874\uC7AC\uD569\uB2C8\uB2E4."},
-        {"Do.you.still.want.to.add.it.no.",
-                "\uCD94\uAC00\uD558\uACA0\uC2B5\uB2C8\uAE4C? [\uC544\uB2C8\uC624]:  "},
-        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
-                "\uC778\uC99D\uC11C\uAC00 <{0}> \uBCC4\uCE6D \uC544\uB798\uC5D0 \uC788\uB294 \uC2DC\uC2A4\uD15C \uCC28\uC6D0\uC758 CA \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uC874\uC7AC\uD569\uB2C8\uB2E4."},
-        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
-                "\uACE0\uC720\uD55C \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uCD94\uAC00\uD558\uACA0\uC2B5\uB2C8\uAE4C? [\uC544\uB2C8\uC624]:  "},
-        {"Trust.this.certificate.no.", "\uC774 \uC778\uC99D\uC11C\uB97C \uC2E0\uB8B0\uD569\uB2C8\uAE4C? [\uC544\uB2C8\uC624]:  "},
-        {"YES", "\uC608"},
-        {"New.prompt.", "\uC0C8 {0}: "},
-        {"Passwords.must.differ", "\uBE44\uBC00\uBC88\uD638\uB294 \uB2EC\uB77C\uC57C \uD569\uB2C8\uB2E4."},
-        {"Re.enter.new.prompt.", "\uC0C8 {0} \uB2E4\uC2DC \uC785\uB825: "},
-        {"Re.enter.new.password.", "\uC0C8 \uBE44\uBC00\uBC88\uD638 \uB2E4\uC2DC \uC785\uB825: "},
-        {"They.don.t.match.Try.again", "\uC77C\uCE58\uD558\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4. \uB2E4\uC2DC \uC2DC\uB3C4\uD558\uC2ED\uC2DC\uC624."},
-        {"Enter.prompt.alias.name.", "{0} \uBCC4\uCE6D \uC774\uB984 \uC785\uB825:  "},
-        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
-                 "\uC0C8 \uBCC4\uCE6D \uC774\uB984 \uC785\uB825\t(\uC774 \uD56D\uBAA9\uC5D0 \uB300\uD55C \uC784\uD3EC\uD2B8\uB97C \uCDE8\uC18C\uD558\uB824\uBA74 Enter \uD0A4\uB97C \uB204\uB984):  "},
-        {"Enter.alias.name.", "\uBCC4\uCE6D \uC774\uB984 \uC785\uB825:  "},
-        {".RETURN.if.same.as.for.otherAlias.",
-                "\t(<{0}>\uACFC(\uC640) \uB3D9\uC77C\uD55C \uACBD\uC6B0 Enter \uD0A4\uB97C \uB204\uB984)"},
-        {".PATTERN.printX509Cert",
-                "\uC18C\uC720\uC790: {0}\n\uBC1C\uD589\uC790: {1}\n\uC77C\uB828 \uBC88\uD638: {2}\n\uC801\uD569\uD55C \uC2DC\uC791 \uB0A0\uC9DC: {3}, \uC885\uB8CC \uB0A0\uC9DC: {4}\n\uC778\uC99D\uC11C \uC9C0\uBB38:\n\t MD5: {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t \uC11C\uBA85 \uC54C\uACE0\uB9AC\uC998 \uC774\uB984: {8}\n\t \uBC84\uC804: {9}"},
-        {"What.is.your.first.and.last.name.",
-                "\uC774\uB984\uACFC \uC131\uC744 \uC785\uB825\uD558\uC2ED\uC2DC\uC624."},
-        {"What.is.the.name.of.your.organizational.unit.",
-                "\uC870\uC9C1 \uB2E8\uC704 \uC774\uB984\uC744 \uC785\uB825\uD558\uC2ED\uC2DC\uC624."},
-        {"What.is.the.name.of.your.organization.",
-                "\uC870\uC9C1 \uC774\uB984\uC744 \uC785\uB825\uD558\uC2ED\uC2DC\uC624."},
-        {"What.is.the.name.of.your.City.or.Locality.",
-                "\uAD6C/\uAD70/\uC2DC \uC774\uB984\uC744 \uC785\uB825\uD558\uC2ED\uC2DC\uC624?"},
-        {"What.is.the.name.of.your.State.or.Province.",
-                "\uC2DC/\uB3C4 \uC774\uB984\uC744 \uC785\uB825\uD558\uC2ED\uC2DC\uC624."},
-        {"What.is.the.two.letter.country.code.for.this.unit.",
-                "\uC774 \uC870\uC9C1\uC758 \uB450 \uC790\uB9AC \uAD6D\uAC00 \uCF54\uB4DC\uB97C \uC785\uB825\uD558\uC2ED\uC2DC\uC624."},
-        {"Is.name.correct.", "{0}\uC774(\uAC00) \uB9DE\uC2B5\uB2C8\uAE4C?"},
-        {"no", "\uC544\uB2C8\uC624"},
-        {"yes", "\uC608"},
-        {"y", "y"},
-        {".defaultValue.", "  [{0}]:  "},
-        {"Alias.alias.has.no.key",
-                "<{0}> \uBCC4\uCE6D\uC5D0 \uD0A4\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
-                 "<{0}> \uBCC4\uCE6D\uC740 \uC804\uC6A9 \uD0A4 \uD56D\uBAA9\uC774 \uC544\uB2CC \uD56D\uBAA9 \uC720\uD615\uC744 \uCC38\uC870\uD569\uB2C8\uB2E4. -keyclone \uBA85\uB839\uC740 \uC804\uC6A9 \uD0A4 \uD56D\uBAA9\uC758 \uBCF5\uC81C\uB9CC \uC9C0\uC6D0\uD569\uB2C8\uB2E4."},
-
-        {".WARNING.WARNING.WARNING.",
-            "*****************  \uACBD\uACE0 \uACBD\uACE0 \uACBD\uACE0  *****************"},
-        {"Signer.d.", "\uC11C\uBA85\uC790 #%d:"},
-        {"Timestamp.", "\uC2DC\uAC04 \uAE30\uB85D:"},
-        {"Signature.", "\uC11C\uBA85:"},
-        {"CRLs.", "CRL:"},
-        {"Certificate.owner.", "\uC778\uC99D\uC11C \uC18C\uC720\uC790: "},
-        {"Not.a.signed.jar.file", "\uC11C\uBA85\uB41C jar \uD30C\uC77C\uC774 \uC544\uB2D9\uB2C8\uB2E4."},
-        {"No.certificate.from.the.SSL.server",
-                "SSL \uC11C\uBC84\uC5D0\uC11C \uAC00\uC838\uC628 \uC778\uC99D\uC11C\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
-
-        {".The.integrity.of.the.information.stored.in.your.keystore.",
-            "* \uD0A4 \uC800\uC7A5\uC18C\uC5D0 \uC800\uC7A5\uB41C \uC815\uBCF4\uC758 \uBB34\uACB0\uC131\uC774  *\n* \uD655\uC778\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4! \uBB34\uACB0\uC131\uC744 \uD655\uC778\uD558\uB824\uBA74, *\n* \uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638\uB97C \uC81C\uACF5\uD574\uC57C \uD569\uB2C8\uB2E4.                  *"},
-        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
-            "* srckeystore\uC5D0 \uC800\uC7A5\uB41C \uC815\uBCF4\uC758 \uBB34\uACB0\uC131\uC774  *\n* \uD655\uC778\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4! \uBB34\uACB0\uC131\uC744 \uD655\uC778\uD558\uB824\uBA74, *\n* srckeystore \uBE44\uBC00\uBC88\uD638\uB97C \uC81C\uACF5\uD574\uC57C \uD569\uB2C8\uB2E4.                  *"},
-
-        {"Certificate.reply.does.not.contain.public.key.for.alias.",
-                "\uC778\uC99D\uC11C \uD68C\uC2E0\uC5D0 <{0}>\uC5D0 \uB300\uD55C \uACF5\uC6A9 \uD0A4\uAC00 \uD3EC\uD568\uB418\uC5B4 \uC788\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."},
-        {"Incomplete.certificate.chain.in.reply",
-                "\uD68C\uC2E0\uC5D0 \uBD88\uC644\uC804\uD55C \uC778\uC99D\uC11C \uCCB4\uC778\uC774 \uC788\uC2B5\uB2C8\uB2E4."},
-        {"Certificate.chain.in.reply.does.not.verify.",
-                "\uD68C\uC2E0\uC758 \uC778\uC99D\uC11C \uCCB4\uC778\uC774 \uD655\uC778\uB418\uC9C0 \uC54A\uC74C: "},
-        {"Top.level.certificate.in.reply.",
-                "\uD68C\uC2E0\uC5D0 \uCD5C\uC0C1\uC704 \uB808\uBCA8 \uC778\uC99D\uC11C\uAC00 \uC788\uC74C:\n"},
-        {".is.not.trusted.", "...\uC744(\uB97C) \uC2E0\uB8B0\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4. "},
-        {"Install.reply.anyway.no.", "\uD68C\uC2E0\uC744 \uC124\uCE58\uD558\uACA0\uC2B5\uB2C8\uAE4C? [\uC544\uB2C8\uC624]:  "},
-        {"NO", "\uC544\uB2C8\uC624"},
-        {"Public.keys.in.reply.and.keystore.don.t.match",
-                "\uD68C\uC2E0\uACFC \uD0A4 \uC800\uC7A5\uC18C\uC758 \uACF5\uC6A9 \uD0A4\uAC00 \uC77C\uCE58\uD558\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."},
-        {"Certificate.reply.and.certificate.in.keystore.are.identical",
-                "\uD68C\uC2E0\uACFC \uD0A4 \uC800\uC7A5\uC18C\uC758 \uC778\uC99D\uC11C\uAC00 \uB3D9\uC77C\uD569\uB2C8\uB2E4."},
-        {"Failed.to.establish.chain.from.reply",
-                "\uD68C\uC2E0\uC758 \uCCB4\uC778 \uC124\uC815\uC744 \uC2E4\uD328\uD588\uC2B5\uB2C8\uB2E4."},
-        {"n", "n"},
-        {"Wrong.answer.try.again", "\uC798\uBABB\uB41C \uC751\uB2F5\uC785\uB2C8\uB2E4. \uB2E4\uC2DC \uC2DC\uB3C4\uD558\uC2ED\uC2DC\uC624."},
-        {"Secret.key.not.generated.alias.alias.already.exists",
-                "\uBCF4\uC548 \uD0A4\uAC00 \uC0DD\uC131\uB418\uC9C0 \uC54A\uC558\uC73C\uBA70 <{0}> \uBCC4\uCE6D\uC774 \uC874\uC7AC\uD569\uB2C8\uB2E4."},
-        {"Please.provide.keysize.for.secret.key.generation",
-                "\uBCF4\uC548 \uD0A4\uB97C \uC0DD\uC131\uD558\uB824\uBA74 -keysize\uB97C \uC81C\uACF5\uD558\uC2ED\uC2DC\uC624."},
-
-        {"Extensions.", "\uD655\uC7A5: "},
-        {".Empty.value.", "(\uBE44\uC5B4 \uC788\uB294 \uAC12)"},
-        {"Extension.Request.", "\uD655\uC7A5 \uC694\uCCAD:"},
-        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
-                "PKCS #10 \uC778\uC99D\uC11C \uC694\uCCAD(1.0 \uBC84\uC804)\n\uC81C\uBAA9: %s\n\uACF5\uC6A9 \uD0A4: %s \uD615\uC2DD %s \uD0A4\n"},
-        {"Unknown.keyUsage.type.", "\uC54C \uC218 \uC5C6\uB294 keyUsage \uC720\uD615: "},
-        {"Unknown.extendedkeyUsage.type.", "\uC54C \uC218 \uC5C6\uB294 extendedkeyUsage \uC720\uD615: "},
-        {"Unknown.AccessDescription.type.", "\uC54C \uC218 \uC5C6\uB294 AccessDescription \uC720\uD615: "},
-        {"Unrecognized.GeneralName.type.", "\uC54C \uC218 \uC5C6\uB294 GeneralName \uC720\uD615: "},
-        {"This.extension.cannot.be.marked.as.critical.",
-                 "\uC774 \uD655\uC7A5\uC740 \uC911\uC694\uD55C \uAC83\uC73C\uB85C \uD45C\uC2DC\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4. "},
-        {"Odd.number.of.hex.digits.found.", "\uD640\uC218 \uAC1C\uC758 16\uC9C4\uC218\uAC00 \uBC1C\uACAC\uB428: "},
-        {"Unknown.extension.type.", "\uC54C \uC218 \uC5C6\uB294 \uD655\uC7A5 \uC720\uD615: "},
-        {"command.{0}.is.ambiguous.", "{0} \uBA85\uB839\uC774 \uBAA8\uD638\uD568:"},
-
-        // policytool
-        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
-                "\uACBD\uACE0: {0} \uBCC4\uCE6D\uC5D0 \uB300\uD55C \uACF5\uC6A9 \uD0A4\uAC00 \uC874\uC7AC\uD558\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4. \uD0A4 \uC800\uC7A5\uC18C\uAC00 \uC81C\uB300\uB85C \uAD6C\uC131\uB418\uC5B4 \uC788\uB294\uC9C0 \uD655\uC778\uD558\uC2ED\uC2DC\uC624."},
-        {"Warning.Class.not.found.class", "\uACBD\uACE0: \uD074\uB798\uC2A4\uB97C \uCC3E\uC744 \uC218 \uC5C6\uC74C: {0}"},
-        {"Warning.Invalid.argument.s.for.constructor.arg",
-                "\uACBD\uACE0: \uC0DD\uC131\uC790\uC5D0 \uB300\uD574 \uBD80\uC801\uD569\uD55C \uC778\uC218: {0}"},
-        {"Illegal.Principal.Type.type", "\uC798\uBABB\uB41C \uC8FC\uCCB4 \uC720\uD615: {0}"},
-        {"Illegal.option.option", "\uC798\uBABB\uB41C \uC635\uC158: {0}"},
-        {"Usage.policytool.options.", "\uC0AC\uC6A9\uBC95: policytool [options]"},
-        {".file.file.policy.file.location",
-                "  [-file <file>]    \uC815\uCC45 \uD30C\uC77C \uC704\uCE58"},
-        {"New", "\uC0C8\uB85C \uB9CC\uB4E4\uAE30"},
-        {"Open", "\uC5F4\uAE30"},
-        {"Save", "\uC800\uC7A5"},
-        {"Save.As", "\uB2E4\uB978 \uC774\uB984\uC73C\uB85C \uC800\uC7A5"},
-        {"View.Warning.Log", "\uACBD\uACE0 \uB85C\uADF8 \uBCF4\uAE30"},
-        {"Exit", "\uC885\uB8CC"},
-        {"Add.Policy.Entry", "\uC815\uCC45 \uD56D\uBAA9 \uCD94\uAC00"},
-        {"Edit.Policy.Entry", "\uC815\uCC45 \uD56D\uBAA9 \uD3B8\uC9D1"},
-        {"Remove.Policy.Entry", "\uC815\uCC45 \uD56D\uBAA9 \uC81C\uAC70"},
-        {"Edit", "\uD3B8\uC9D1"},
-        {"Retain", "\uC720\uC9C0"},
-
-        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
-            "\uACBD\uACE0: \uD30C\uC77C \uC774\uB984\uC5D0 \uC774\uC2A4\uCF00\uC774\uD504\uB41C \uBC31\uC2AC\uB798\uC2DC \uBB38\uC790\uAC00 \uD3EC\uD568\uB418\uC5C8\uC744 \uC218 \uC788\uC2B5\uB2C8\uB2E4. \uBC31\uC2AC\uB798\uC2DC \uBB38\uC790\uB294 \uC774\uC2A4\uCF00\uC774\uD504\uD560 \uD544\uC694\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4. \uC601\uAD6C \uC800\uC7A5\uC18C\uC5D0 \uC815\uCC45 \uCF58\uD150\uCE20\uB97C \uC4F8 \uB54C \uD544\uC694\uC5D0 \uB530\uB77C \uC790\uB3D9\uC73C\uB85C \uBB38\uC790\uAC00 \uC774\uC2A4\uCF00\uC774\uD504\uB429\uB2C8\uB2E4.\n\n\uC785\uB825\uB41C \uC774\uB984\uC744 \uADF8\uB300\uB85C \uC720\uC9C0\uD558\uB824\uBA74 [\uC720\uC9C0]\uB97C \uB204\uB974\uACE0, \uC774\uB984\uC744 \uD3B8\uC9D1\uD558\uB824\uBA74 [\uD3B8\uC9D1]\uC744 \uB204\uB974\uC2ED\uC2DC\uC624."},
-
-        {"Add.Public.Key.Alias", "\uACF5\uC6A9 \uD0A4 \uBCC4\uCE6D \uCD94\uAC00"},
-        {"Remove.Public.Key.Alias", "\uACF5\uC6A9 \uD0A4 \uBCC4\uCE6D \uC81C\uAC70"},
-        {"File", "\uD30C\uC77C"},
-        {"KeyStore", "\uD0A4 \uC800\uC7A5\uC18C"},
-        {"Policy.File.", "\uC815\uCC45 \uD30C\uC77C:"},
-        {"Could.not.open.policy.file.policyFile.e.toString.",
-                "\uC815\uCC45 \uD30C\uC77C\uC744 \uC5F4 \uC218 \uC5C6\uC74C: {0}: {1}"},
-        {"Policy.Tool", "\uC815\uCC45 \uD234"},
-        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
-                "\uC815\uCC45 \uAD6C\uC131\uC744 \uC5EC\uB294 \uC911 \uC624\uB958\uAC00 \uBC1C\uC0DD\uD588\uC2B5\uB2C8\uB2E4. \uC790\uC138\uD55C \uB0B4\uC6A9\uC740 \uACBD\uACE0 \uB85C\uADF8\uB97C \uD655\uC778\uD558\uC2ED\uC2DC\uC624."},
-        {"Error", "\uC624\uB958"},
-        {"OK", "\uD655\uC778"},
-        {"Status", "\uC0C1\uD0DC"},
-        {"Warning", "\uACBD\uACE0"},
-        {"Permission.",
-                "\uAD8C\uD55C:                                                       "},
-        {"Principal.Type.", "\uC8FC\uCCB4 \uC720\uD615:"},
-        {"Principal.Name.", "\uC8FC\uCCB4 \uC774\uB984:"},
-        {"Target.Name.",
-                "\uB300\uC0C1 \uC774\uB984:                                                    "},
-        {"Actions.",
-                "\uC791\uC5C5:                                                             "},
-        {"OK.to.overwrite.existing.file.filename.",
-                "\uAE30\uC874 \uD30C\uC77C {0}\uC744(\uB97C) \uACB9\uCCD0 \uC4F0\uACA0\uC2B5\uB2C8\uAE4C?"},
-        {"Cancel", "\uCDE8\uC18C"},
-        {"CodeBase.", "CodeBase:"},
-        {"SignedBy.", "SignedBy:"},
-        {"Add.Principal", "\uC8FC\uCCB4 \uCD94\uAC00"},
-        {"Edit.Principal", "\uC8FC\uCCB4 \uD3B8\uC9D1"},
-        {"Remove.Principal", "\uC8FC\uCCB4 \uC81C\uAC70"},
-        {"Principals.", "\uC8FC\uCCB4:"},
-        {".Add.Permission", "  \uAD8C\uD55C \uCD94\uAC00"},
-        {".Edit.Permission", "  \uAD8C\uD55C \uD3B8\uC9D1"},
-        {"Remove.Permission", "\uAD8C\uD55C \uC81C\uAC70"},
-        {"Done", "\uC644\uB8CC"},
-        {"KeyStore.URL.", "\uD0A4 \uC800\uC7A5\uC18C URL:"},
-        {"KeyStore.Type.", "\uD0A4 \uC800\uC7A5\uC18C \uC720\uD615:"},
-        {"KeyStore.Provider.", "\uD0A4 \uC800\uC7A5\uC18C \uC81C\uACF5\uC790:"},
-        {"KeyStore.Password.URL.", "\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638 URL:"},
-        {"Principals", "\uC8FC\uCCB4"},
-        {".Edit.Principal.", "  \uC8FC\uCCB4 \uD3B8\uC9D1:"},
-        {".Add.New.Principal.", "  \uC0C8 \uC8FC\uCCB4 \uCD94\uAC00:"},
-        {"Permissions", "\uAD8C\uD55C"},
-        {".Edit.Permission.", "  \uAD8C\uD55C \uD3B8\uC9D1:"},
-        {".Add.New.Permission.", "  \uC0C8 \uAD8C\uD55C \uCD94\uAC00:"},
-        {"Signed.By.", "\uC11C\uBA85\uC790:"},
-        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
-            "\uC640\uC77C\uB4DC \uCE74\uB4DC \uBB38\uC790 \uC774\uB984 \uC5C6\uC774 \uC640\uC77C\uB4DC \uCE74\uB4DC \uBB38\uC790 \uD074\uB798\uC2A4\uB97C \uC0AC\uC6A9\uD558\uB294 \uC8FC\uCCB4\uB97C \uC9C0\uC815\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"Cannot.Specify.Principal.without.a.Name",
-            "\uC774\uB984 \uC5C6\uC774 \uC8FC\uCCB4\uB97C \uC9C0\uC815\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"Permission.and.Target.Name.must.have.a.value",
-                "\uAD8C\uD55C\uACFC \uB300\uC0C1 \uC774\uB984\uC758 \uAC12\uC774 \uC788\uC5B4\uC57C \uD569\uB2C8\uB2E4."},
-        {"Remove.this.Policy.Entry.", "\uC774 \uC815\uCC45 \uD56D\uBAA9\uC744 \uC81C\uAC70\uD558\uACA0\uC2B5\uB2C8\uAE4C?"},
-        {"Overwrite.File", "\uD30C\uC77C \uACB9\uCCD0\uC4F0\uAE30"},
-        {"Policy.successfully.written.to.filename",
-                "{0}\uC5D0 \uC131\uACF5\uC801\uC73C\uB85C \uC815\uCC45\uC744 \uC37C\uC2B5\uB2C8\uB2E4."},
-        {"null.filename", "\uB110 \uD30C\uC77C \uC774\uB984"},
-        {"Save.changes.", "\uBCC0\uACBD \uC0AC\uD56D\uC744 \uC800\uC7A5\uD558\uACA0\uC2B5\uB2C8\uAE4C?"},
-        {"Yes", "\uC608"},
-        {"No", "\uC544\uB2C8\uC624"},
-        {"Policy.Entry", "\uC815\uCC45 \uD56D\uBAA9"},
-        {"Save.Changes", "\uBCC0\uACBD \uC0AC\uD56D \uC800\uC7A5"},
-        {"No.Policy.Entry.selected", "\uC120\uD0DD\uB41C \uC815\uCC45 \uD56D\uBAA9\uC774 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"Unable.to.open.KeyStore.ex.toString.",
-                "\uD0A4 \uC800\uC7A5\uC18C\uB97C \uC5F4 \uC218 \uC5C6\uC74C: {0}"},
-        {"No.principal.selected", "\uC120\uD0DD\uB41C \uC8FC\uCCB4\uAC00 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"No.permission.selected", "\uC120\uD0DD\uB41C \uAD8C\uD55C\uC774 \uC5C6\uC2B5\uB2C8\uB2E4."},
-        {"name", "\uC774\uB984"},
-        {"configuration.type", "\uAD6C\uC131 \uC720\uD615"},
-        {"environment.variable.name", "\uD658\uACBD \uBCC0\uC218 \uC774\uB984"},
-        {"library.name", "\uB77C\uC774\uBE0C\uB7EC\uB9AC \uC774\uB984"},
-        {"package.name", "\uD328\uD0A4\uC9C0 \uC774\uB984"},
-        {"policy.type", "\uC815\uCC45 \uC720\uD615"},
-        {"property.name", "\uC18D\uC131 \uC774\uB984"},
-        {"Principal.List", "\uC8FC\uCCB4 \uBAA9\uB85D"},
-        {"Permission.List", "\uAD8C\uD55C \uBAA9\uB85D"},
-        {"Code.Base", "\uCF54\uB4DC \uBCA0\uC774\uC2A4"},
-        {"KeyStore.U.R.L.", "\uD0A4 \uC800\uC7A5\uC18C URL:"},
-        {"KeyStore.Password.U.R.L.", "\uD0A4 \uC800\uC7A5\uC18C \uBE44\uBC00\uBC88\uD638 URL:"},
-
-
         // javax.security.auth.PrivateCredentialPermission
         {"invalid.null.input.s.", "\uB110 \uC785\uB825\uAC12\uC774 \uBD80\uC801\uD569\uD569\uB2C8\uB2E4."},
         {"actions.can.only.be.read.", "\uC791\uC5C5\uC740 '\uC77D\uAE30' \uC804\uC6A9\uC785\uB2C8\uB2E4."},
@@ -553,6 +58,7 @@
         {"provided.null.OID.map", "\uB110 OID \uB9F5\uC744 \uC81C\uACF5\uD588\uC2B5\uB2C8\uB2E4."},
 
         // javax.security.auth.Subject
+        {"NEWLINE", "\n"},
         {"invalid.null.AccessControlContext.provided",
                 "\uBD80\uC801\uD569\uD55C \uB110 AccessControlContext\uAC00 \uC81C\uACF5\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
         {"invalid.null.action.provided", "\uBD80\uC801\uD569\uD55C \uB110 \uC791\uC5C5\uC774 \uC81C\uACF5\uB418\uC5C8\uC2B5\uB2C8\uB2E4."},
@@ -656,6 +162,7 @@
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }
--- a/jdk/src/share/classes/sun/security/util/Resources_pt_BR.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/util/Resources_pt_BR.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,501 +34,6 @@
 
     private static final Object[][] contents = {
 
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-        // shared (from keytool)
-        {"NEWLINE", "\n"},
-        {"STAR",
-                "*******************************************"},
-        {"STARNN",
-                "*******************************************\n\n"},
-
-        // keytool: Help part
-// "Option" should be translated.
-        {".OPTION.", " [Op\u00E7\u00E3o]..."},
-        {"Options.", "Op\u00E7\u00F5es:"},
-        {"Use.keytool.help.for.all.available.commands",
-                 "Use \"keytool -help\" para todos os comandos dispon\u00EDveis"},
-        {"Key.and.Certificate.Management.Tool",
-                 "Ferramenta de Gerenciamento de Chave e Certificado"},
-        {"Commands.", "Comandos:"},
-        {"Use.keytool.command.name.help.for.usage.of.command.name",
-                "Use \"keytool -command_name -help\" para uso de command_name"},
-        // keytool: help: commands
-        {"Generates.a.certificate.request",
-                "Gera uma solicita\u00E7\u00E3o de certificado"}, //-certreq
-        {"Changes.an.entry.s.alias",
-                "Altera um alias de entrada"}, //-changealias
-        {"Deletes.an.entry",
-                "Deleta uma entrada"}, //-delete
-        {"Exports.certificate",
-                "Exporta o certificado"}, //-exportcert
-        {"Generates.a.key.pair",
-                "Gera um par de chaves"}, //-genkeypair
-// translation of "secret" key should be different to "private" key.
-        {"Generates.a.secret.key",
-                "Gera uma chave Secreta"}, //-genseckey
-        {"Generates.certificate.from.a.certificate.request",
-                "Gera um certificado de uma solicita\u00E7\u00E3o de certificado"}, //-gencert
-        {"Generates.CRL", "Gera CRL"}, //-gencrl
-        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
-                "Importa entradas de um banco de dados de identidade JDK 1.1.x-style"}, //-identitydb
-        {"Imports.a.certificate.or.a.certificate.chain",
-                "Importa um certificado ou uma cadeia de certificados"}, //-importcert
-        {"Imports.one.or.all.entries.from.another.keystore",
-                "Importa uma ou todas as entradas de outra \u00E1rea de armazenamento de chaves"}, //-importkeystore
-        {"Clones.a.key.entry",
-                "Clona uma entrada de chave"}, //-keyclone
-        {"Changes.the.key.password.of.an.entry",
-                "Altera a senha da chave de uma entrada"}, //-keypasswd
-        {"Lists.entries.in.a.keystore",
-                "Lista entradas em uma \u00E1rea de armazenamento de chaves"}, //-list
-        {"Prints.the.content.of.a.certificate",
-                "Imprime o conte\u00FAdo de um certificado"}, //-printcert
-        {"Prints.the.content.of.a.certificate.request",
-                "Imprime o conte\u00FAdo de uma solicita\u00E7\u00E3o de certificado"}, //-printcertreq
-        {"Prints.the.content.of.a.CRL.file",
-                "Imprime o conte\u00FAdo de um arquivo CRL"}, //-printcrl
-        {"Generates.a.self.signed.certificate",
-                "Gera um certificado autoassinado"}, //-selfcert
-        {"Changes.the.store.password.of.a.keystore",
-                "Altera a senha de armazenamento de uma \u00E1rea de armazenamento de chaves"}, //-storepasswd
-        // keytool: help: options
-        {"alias.name.of.the.entry.to.process",
-                "nome do alias da entrada a ser processada"}, //-alias
-        {"destination.alias",
-                "alias de destino"}, //-destalias
-        {"destination.key.password",
-                "senha da chave de destino"}, //-destkeypass
-        {"destination.keystore.name",
-                "nome da \u00E1rea de armazenamento de chaves de destino"}, //-destkeystore
-        {"destination.keystore.password.protected",
-                "senha protegida da \u00E1rea de armazenamento de chaves de destino"}, //-destprotected
-        {"destination.keystore.provider.name",
-                "nome do fornecedor da \u00E1rea de armazenamento de chaves de destino"}, //-destprovidername
-        {"destination.keystore.password",
-                "senha da \u00E1rea de armazenamento de chaves de destino"}, //-deststorepass
-        {"destination.keystore.type",
-                "tipo de \u00E1rea de armazenamento de chaves de destino"}, //-deststoretype
-        {"distinguished.name",
-                "nome distinto"}, //-dname
-        {"X.509.extension",
-                "extens\u00E3o X.509"}, //-ext
-        {"output.file.name",
-                "nome do arquivo de sa\u00EDda"}, //-file and -outfile
-        {"input.file.name",
-                "nome do arquivo de entrada"}, //-file and -infile
-        {"key.algorithm.name",
-                "nome do algoritmo da chave"}, //-keyalg
-        {"key.password",
-                "senha da chave"}, //-keypass
-        {"key.bit.size",
-                "tamanho do bit da chave"}, //-keysize
-        {"keystore.name",
-                "nome da \u00E1rea de armazenamento de chaves"}, //-keystore
-        {"new.password",
-                "nova senha"}, //-new
-        {"do.not.prompt",
-                "n\u00E3o perguntar"}, //-noprompt
-        {"password.through.protected.mechanism",
-                "senha por meio de mecanismo protegido"}, //-protected
-        {"provider.argument",
-                "argumento do fornecedor"}, //-providerarg
-        {"provider.class.name",
-                "nome da classe do fornecedor"}, //-providerclass
-        {"provider.name",
-                "nome do fornecedor"}, //-providername
-        {"provider.classpath",
-                "classpath do fornecedor"}, //-providerpath
-        {"output.in.RFC.style",
-                "sa\u00EDda no estilo RFC"}, //-rfc
-        {"signature.algorithm.name",
-                "nome do algoritmo de assinatura"}, //-sigalg
-        {"source.alias",
-                "alias de origem"}, //-srcalias
-        {"source.key.password",
-                "senha da chave de origem"}, //-srckeypass
-        {"source.keystore.name",
-                "nome da \u00E1rea de armazenamento de chaves de origem"}, //-srckeystore
-        {"source.keystore.password.protected",
-                "senha protegida da \u00E1rea de armazenamento de chaves de origem"}, //-srcprotected
-        {"source.keystore.provider.name",
-                "nome do fornecedor da \u00E1rea de armazenamento de chaves de origem"}, //-srcprovidername
-        {"source.keystore.password",
-                "senha da \u00E1rea de armazenamento de chaves de origem"}, //-srcstorepass
-        {"source.keystore.type",
-                "tipo de \u00E1rea de armazenamento de chaves de origem"}, //-srcstoretype
-        {"SSL.server.host.and.port",
-                "porta e host do servidor SSL"}, //-sslserver
-        {"signed.jar.file",
-                "arquivo jar assinado"}, //=jarfile
-        {"certificate.validity.start.date.time",
-                "data/hora inicial de validade do certificado"}, //-startdate
-        {"keystore.password",
-                "senha da \u00E1rea de armazenamento de chaves"}, //-storepass
-        {"keystore.type",
-                "tipo de \u00E1rea de armazenamento de chaves"}, //-storetype
-        {"trust.certificates.from.cacerts",
-                "certificados confi\u00E1veis do cacerts"}, //-trustcacerts
-        {"verbose.output",
-                "sa\u00EDda detalhada"}, //-v
-        {"validity.number.of.days",
-                "n\u00FAmero de dias da validade"}, //-validity
-        {"Serial.ID.of.cert.to.revoke",
-                 "ID de s\u00E9rie do certificado a ser revogado"}, //-id
-        // keytool: Running part
-        {"keytool.error.", "erro de keytool: "},
-        {"Illegal.option.", "Op\u00E7\u00E3o inv\u00E1lida:  "},
-        {"Illegal.value.", "Valor inv\u00E1lido: "},
-        {"Unknown.password.type.", "Tipo de senha desconhecido: "},
-        {"Cannot.find.environment.variable.",
-                "N\u00E3o \u00E9 poss\u00EDvel localizar a vari\u00E1vel do ambiente: "},
-        {"Cannot.find.file.", "N\u00E3o \u00E9 poss\u00EDvel localizar o arquivo: "},
-        {"Command.option.flag.needs.an.argument.", "A op\u00E7\u00E3o de comando {0} precisa de um argumento."},
-        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
-                "Advert\u00EAncia: Senhas de chave e de armazenamento diferentes n\u00E3o suportadas para KeyStores PKCS12. Ignorando valor {0} especificado pelo usu\u00E1rio."},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "-keystore deve ser NONE se -storetype for {0}"},
-        {"Too.many.retries.program.terminated",
-                 "Excesso de tentativas de repeti\u00E7\u00E3o; programa finalizado"},
-        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
-                "comandos -storepasswd e -keypasswd n\u00E3o suportados se -storetype for {0}"},
-        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
-                "comandos -keypasswd n\u00E3o suportados se -storetype for PKCS12"},
-        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
-                "-keypass e -new n\u00E3o podem ser especificados se -storetype for {0}"},
-        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
-                "se -protected for especificado, ent\u00E3o -storepass, -keypass e -new n\u00E3o dever\u00E3o ser especificados"},
-        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "se -srcprotected for especificado, ent\u00E3o -srcstorepass e -srckeypass n\u00E3o dever\u00E3o ser especificados"},
-        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
-                "se a \u00E1rea de armazenamento de chaves n\u00E3o estiver protegida por senha, ent\u00E3o -storepass, -keypass e -new n\u00E3o dever\u00E3o ser especificados"},
-        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "se a \u00E1rea de armazenamento de chaves de origem n\u00E3o estiver protegida por senha, ent\u00E3o -srcstorepass e -srckeypass n\u00E3o dever\u00E3o ser especificados"},
-        {"Illegal.startdate.value", "valor da data inicial inv\u00E1lido"},
-        {"Validity.must.be.greater.than.zero",
-                "A validade deve ser maior do que zero"},
-        {"provName.not.a.provider", "{0} n\u00E3o \u00E9 um fornecedor"},
-        {"Usage.error.no.command.provided", "Erro de uso: nenhum comando fornecido"},
-        {"Source.keystore.file.exists.but.is.empty.", "O arquivo da \u00E1rea de armazenamento de chaves de origem existe, mas est\u00E1 vazio: "},
-        {"Please.specify.srckeystore", "Especifique -srckeystore"},
-        {"Must.not.specify.both.v.and.rfc.with.list.command",
-                "N\u00E3o devem ser especificados -v e -rfc com o comando 'list'"},
-        {"Key.password.must.be.at.least.6.characters",
-                "A senha da chave deve ter, no m\u00EDnimo, 6 caracteres"},
-        {"New.password.must.be.at.least.6.characters",
-                "A nova senha deve ter, no m\u00EDnimo, 6 caracteres"},
-        {"Keystore.file.exists.but.is.empty.",
-                "O arquivo da \u00E1rea de armazenamento de chaves existe, mas est\u00E1 vazio: "},
-        {"Keystore.file.does.not.exist.",
-                "O arquivo da \u00E1rea de armazenamento de chaves n\u00E3o existe. "},
-        {"Must.specify.destination.alias", "Deve ser especificado um alias de destino"},
-        {"Must.specify.alias", "Deve ser especificado um alias"},
-        {"Keystore.password.must.be.at.least.6.characters",
-                "A senha da \u00E1rea de armazenamento de chaves deve ter, no m\u00EDnimo, 6 caracteres"},
-        {"Enter.keystore.password.", "Informe a senha da \u00E1rea de armazenamento de chaves:  "},
-        {"Enter.source.keystore.password.", "Informe a senha da \u00E1rea de armazenamento de chaves de origem:  "},
-        {"Enter.destination.keystore.password.", "Informe a senha da \u00E1rea de armazenamento de chaves de destino:  "},
-        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
-         "A senha da \u00E1rea de armazenamento de chaves \u00E9 muito curta - ela deve ter, no m\u00EDnimo, 6 caracteres"},
-        {"Unknown.Entry.Type", "Tipo de Entrada Desconhecido"},
-        {"Too.many.failures.Alias.not.changed", "Excesso de falhas. Alias n\u00E3o alterado"},
-        {"Entry.for.alias.alias.successfully.imported.",
-                 "Entrada do alias {0} importada com \u00EAxito."},
-        {"Entry.for.alias.alias.not.imported.", "Entrada do alias {0} n\u00E3o importada."},
-        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
-                 "Problema ao importar a entrada do alias {0}: {1}.\nEntrada do alias {0} n\u00E3o importada."},
-        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
-                 "Comando de importa\u00E7\u00E3o conclu\u00EDdo:  {0} entradas importadas com \u00EAxito, {1} entradas falharam ou foram canceladas"},
-        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
-                 "Advert\u00EAncia: Substitui\u00E7\u00E3o do alias {0} existente na \u00E1rea de armazenamento de chaves de destino"},
-        {"Existing.entry.alias.alias.exists.overwrite.no.",
-                 "Entrada j\u00E1 existente no alias {0}, substituir? [n\u00E3o]:  "},
-        {"Too.many.failures.try.later", "Excesso de falhas - tente mais tarde"},
-        {"Certification.request.stored.in.file.filename.",
-                "Solicita\u00E7\u00E3o de certificado armazenada no arquivo <{0}>"},
-        {"Submit.this.to.your.CA", "Submeter \u00E0 CA"},
-        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
-            "se o alias n\u00E3o estiver especificado, destalias, srckeypass e destkeypass n\u00E3o dever\u00E3o ser especificados"},
-        {"Certificate.stored.in.file.filename.",
-                "Certificado armazenado no arquivo <{0}>"},
-        {"Certificate.reply.was.installed.in.keystore",
-                "A resposta do certificado foi instalada na \u00E1rea de armazenamento de chaves"},
-        {"Certificate.reply.was.not.installed.in.keystore",
-                "A resposta do certificado n\u00E3o foi instalada na \u00E1rea de armazenamento de chaves"},
-        {"Certificate.was.added.to.keystore",
-                "O certificado foi adicionado \u00E0 \u00E1rea de armazenamento de chaves"},
-        {"Certificate.was.not.added.to.keystore",
-                "O certificado n\u00E3o foi adicionado \u00E0 \u00E1rea de armazenamento de chaves"},
-        {".Storing.ksfname.", "[Armazenando {0}]"},
-        {"alias.has.no.public.key.certificate.",
-                "{0} n\u00E3o tem chave p\u00FAblica (certificado)"},
-        {"Cannot.derive.signature.algorithm",
-                "N\u00E3o \u00E9 poss\u00EDvel obter um algoritmo de assinatura"},
-        {"Alias.alias.does.not.exist",
-                "O alias <{0}> n\u00E3o existe"},
-        {"Alias.alias.has.no.certificate",
-                "O alias <{0}> n\u00E3o tem certificado"},
-        {"Key.pair.not.generated.alias.alias.already.exists",
-                "Par de chaves n\u00E3o gerado; o alias <{0}> j\u00E1 existe"},
-        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
-                "Gerando o par de chaves {1} de {0} bit e o certificado autoassinado ({2}) com uma validade de {3} dias\n\tpara: {4}"},
-        {"Enter.key.password.for.alias.", "Informar a senha da chave de <{0}>"},
-        {".RETURN.if.same.as.keystore.password.",
-                "\t(RETURN se for igual \u00E0 senha da \u00E1rea do armazenamento de chaves):  "},
-        {"Key.password.is.too.short.must.be.at.least.6.characters",
-                "A senha da chave \u00E9 muito curta - deve ter, no m\u00EDnimo, 6 caracteres"},
-        {"Too.many.failures.key.not.added.to.keystore",
-                "Excesso de falhas - chave n\u00E3o adicionada a \u00E1rea de armazenamento de chaves"},
-        {"Destination.alias.dest.already.exists",
-                "O alias de destino <{0}> j\u00E1 existe"},
-        {"Password.is.too.short.must.be.at.least.6.characters",
-                "A senha \u00E9 muito curta - deve ter, no m\u00EDnimo, 6 caracteres"},
-        {"Too.many.failures.Key.entry.not.cloned",
-                "Excesso de falhas. Entrada da chave n\u00E3o clonada"},
-        {"key.password.for.alias.", "senha da chave de <{0}>"},
-        {"Keystore.entry.for.id.getName.already.exists",
-                "A entrada da \u00E1rea do armazenamento de chaves de <{0}> j\u00E1 existe"},
-        {"Creating.keystore.entry.for.id.getName.",
-                "Criando entrada da \u00E1rea do armazenamento de chaves para <{0}> ..."},
-        {"No.entries.from.identity.database.added",
-                "Nenhuma entrada adicionada do banco de dados de identidades"},
-        {"Alias.name.alias", "Nome do alias: {0}"},
-        {"Creation.date.keyStore.getCreationDate.alias.",
-                "Data de cria\u00E7\u00E3o: {0,date}"},
-        {"alias.keyStore.getCreationDate.alias.",
-                "{0}, {1,date}, "},
-        {"alias.", "{0}, "},
-        {"Entry.type.type.", "Tipo de entrada: {0}"},
-        {"Certificate.chain.length.", "Comprimento da cadeia de certificados: "},
-        {"Certificate.i.1.", "Certificado[{0,number,integer}]:"},
-        {"Certificate.fingerprint.SHA1.", "Fingerprint (MD5) do certificado: "},
-        {"Keystore.type.", "Tipo de \u00E1rea de armazenamento de chaves: "},
-        {"Keystore.provider.", "Fornecedor da \u00E1rea de armazenamento de chaves: "},
-        {"Your.keystore.contains.keyStore.size.entry",
-                "Sua \u00E1rea de armazenamento de chaves cont\u00E9m {0,number,integer} entrada"},
-        {"Your.keystore.contains.keyStore.size.entries",
-                "Sua \u00E1rea de armazenamento de chaves cont\u00E9m {0,number,integer} entradas"},
-        {"Failed.to.parse.input", "Falha durante o parse da entrada"},
-        {"Empty.input", "Entrada vazia"},
-        {"Not.X.509.certificate", "N\u00E3o \u00E9 um certificado X.509"},
-        {"alias.has.no.public.key", "{0} n\u00E3o tem chave p\u00FAblica"},
-        {"alias.has.no.X.509.certificate", "{0} n\u00E3o tem certificado X.509"},
-        {"New.certificate.self.signed.", "Novo certificado (autoassinado):"},
-        {"Reply.has.no.certificates", "A resposta n\u00E3o tem certificado"},
-        {"Certificate.not.imported.alias.alias.already.exists",
-                "Certificado n\u00E3o importado, o alias <{0}> j\u00E1 existe"},
-        {"Input.not.an.X.509.certificate", "A entrada n\u00E3o \u00E9 um certificado X.509"},
-        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
-                "O certificado j\u00E1 existe no armazenamento de chaves no alias <{0}>"},
-        {"Do.you.still.want.to.add.it.no.",
-                "Ainda deseja adicion\u00E1-lo? [n\u00E3o]:  "},
-        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
-                "O certificado j\u00E1 existe na \u00E1rea de armazenamento de chaves da CA em todo o sistema no alias <{0}>"},
-        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
-                "Ainda deseja adicion\u00E1-lo \u00E0 sua \u00E1rea de armazenamento de chaves? [n\u00E3o]:  "},
-        {"Trust.this.certificate.no.", "Confiar neste certificado? [n\u00E3o]:  "},
-        {"YES", "Sim"},
-        {"New.prompt.", "Nova {0}: "},
-        {"Passwords.must.differ", "As senhas devem ser diferentes"},
-        {"Re.enter.new.prompt.", "Informe novamente a nova {0}: "},
-        {"Re.enter.new.password.", "Informe novamente a nova senha: "},
-        {"They.don.t.match.Try.again", "Elas n\u00E3o correspondem. Tente novamente"},
-        {"Enter.prompt.alias.name.", "Informe o nome do alias {0}:  "},
-        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
-                 "Informe o novo nome do alias\t(RETURN para cancelar a importa\u00E7\u00E3o desta entrada):  "},
-        {"Enter.alias.name.", "Informe o nome do alias:  "},
-        {".RETURN.if.same.as.for.otherAlias.",
-                "\t(RETURN se for igual ao de <{0}>)"},
-        {".PATTERN.printX509Cert",
-                "Propriet\u00E1rio: {0}\nEmissor: {1}\nN\u00FAmero de s\u00E9rie: {2}\nV\u00E1lido de: {3} a: {4}\nFingerprints do certificado:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Nome do algoritmo de assinatura: {8}\n\t Vers\u00E3o: {9}"},
-        {"What.is.your.first.and.last.name.",
-                "Qual \u00E9 o seu nome e o seu sobrenome?"},
-        {"What.is.the.name.of.your.organizational.unit.",
-                "Qual \u00E9 o nome da sua unidade organizacional?"},
-        {"What.is.the.name.of.your.organization.",
-                "Qual \u00E9 o nome da sua empresa?"},
-        {"What.is.the.name.of.your.City.or.Locality.",
-                "Qual \u00E9 o nome da sua Cidade ou Localidade?"},
-        {"What.is.the.name.of.your.State.or.Province.",
-                "Qual \u00E9 o nome do seu Estado ou Munic\u00EDpio?"},
-        {"What.is.the.two.letter.country.code.for.this.unit.",
-                "Quais s\u00E3o as duas letras do c\u00F3digo do pa\u00EDs desta unidade?"},
-        {"Is.name.correct.", "{0} Est\u00E1 correto?"},
-        {"no", "n\u00E3o"},
-        {"yes", "sim"},
-        {"y", "s"},
-        {".defaultValue.", "  [{0}]:  "},
-        {"Alias.alias.has.no.key",
-                "O alias <{0}> n\u00E3o tem chave"},
-        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
-                 "O alias <{0}> faz refer\u00EAncia a um tipo de entrada que n\u00E3o \u00E9 uma entrada de chave privada. O comando -keyclone oferece suporte somente \u00E0 clonagem de entradas de chave privada"},
-
-        {".WARNING.WARNING.WARNING.",
-            "*****************  Advert\u00EAncia Advert\u00EAncia Advert\u00EAncia  *****************"},
-        {"Signer.d.", "Signat\u00E1rio #%d:"},
-        {"Timestamp.", "Timestamp:"},
-        {"Signature.", "Assinatura:"},
-        {"CRLs.", "CRLs:"},
-        {"Certificate.owner.", "Propriet\u00E1rio do certificado: "},
-        {"Not.a.signed.jar.file", "N\u00E3o \u00E9 um arquivo jar assinado"},
-        {"No.certificate.from.the.SSL.server",
-                "N\u00E3o \u00E9 um certificado do servidor SSL"},
-
-        {".The.integrity.of.the.information.stored.in.your.keystore.",
-            "* A integridade das informa\u00E7\u00F5es armazenadas na sua \u00E1rea de armazenamento de chaves  *\n* N\u00C3O foi verificada!  Para que seja poss\u00EDvel verificar sua integridade, *\n* voc\u00EA deve fornecer a senha da \u00E1rea de armazenamento de chaves.                  *"},
-        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
-            "* A integridade das informa\u00E7\u00F5es armazenadas no srckeystore  *\n* N\u00C3O foi verificada!  Para que seja poss\u00EDvel verificar sua integridade, *\n* voc\u00EA deve fornecer a senha do srckeystore.                  *"},
-
-        {"Certificate.reply.does.not.contain.public.key.for.alias.",
-                "A resposta do certificado n\u00E3o cont\u00E9m a chave p\u00FAblica de <{0}>"},
-        {"Incomplete.certificate.chain.in.reply",
-                "Cadeia de certificados incompleta na resposta"},
-        {"Certificate.chain.in.reply.does.not.verify.",
-                "A cadeia de certificados da resposta n\u00E3o verifica: "},
-        {"Top.level.certificate.in.reply.",
-                "Certificado de n\u00EDvel superior na resposta:\n"},
-        {".is.not.trusted.", "... n\u00E3o \u00E9 confi\u00E1vel. "},
-        {"Install.reply.anyway.no.", "Instalar resposta assim mesmo? [n\u00E3o]:  "},
-        {"NO", "N\u00E3o"},
-        {"Public.keys.in.reply.and.keystore.don.t.match",
-                "As chaves p\u00FAblicas da resposta e da \u00E1rea de armazenamento de chaves n\u00E3o correspondem"},
-        {"Certificate.reply.and.certificate.in.keystore.are.identical",
-                "O certificado da resposta e o certificado da \u00E1rea de armazenamento de chaves s\u00E3o id\u00EAnticos"},
-        {"Failed.to.establish.chain.from.reply",
-                "Falha ao estabelecer a cadeia a partir da resposta"},
-        {"n", "n"},
-        {"Wrong.answer.try.again", "Resposta errada; tente novamente"},
-        {"Secret.key.not.generated.alias.alias.already.exists",
-                "Chave secreta n\u00E3o gerada; o alias <{0}> j\u00E1 existe"},
-        {"Please.provide.keysize.for.secret.key.generation",
-                "Forne\u00E7a o -keysize para a gera\u00E7\u00E3o da chave secreta"},
-
-        {"Extensions.", "Extens\u00F5es: "},
-        {".Empty.value.", "(Valor vazio)"},
-        {"Extension.Request.", "Solicita\u00E7\u00E3o de Extens\u00E3o:"},
-        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
-                "Solicita\u00E7\u00E3o do Certificado PKCS #10 (Vers\u00E3o 1.0)\nAssunto: %s\nChave P\u00FAblica: %s formato %s chave\n"},
-        {"Unknown.keyUsage.type.", "Tipo de keyUsage desconhecido: "},
-        {"Unknown.extendedkeyUsage.type.", "Tipo de extendedkeyUsage desconhecido: "},
-        {"Unknown.AccessDescription.type.", "Tipo de AccessDescription desconhecido: "},
-        {"Unrecognized.GeneralName.type.", "Tipo de GeneralName n\u00E3o reconhecido: "},
-        {"This.extension.cannot.be.marked.as.critical.",
-                 "Esta extens\u00E3o n\u00E3o pode ser marcada como cr\u00EDtica. "},
-        {"Odd.number.of.hex.digits.found.", "Encontrado n\u00FAmero \u00EDmpar de seis d\u00EDgitos: "},
-        {"Unknown.extension.type.", "Tipo de extens\u00E3o desconhecido: "},
-        {"command.{0}.is.ambiguous.", "o comando {0} \u00E9 amb\u00EDguo:"},
-
-        // policytool
-        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
-                "Advert\u00EAncia: N\u00E3o existe uma chave p\u00FAblica para o alias {0}. Certifique-se de que um KeyStore esteja configurado adequadamente."},
-        {"Warning.Class.not.found.class", "Advert\u00EAncia: Classe n\u00E3o encontrada: {0}"},
-        {"Warning.Invalid.argument.s.for.constructor.arg",
-                "Advert\u00EAncia: Argumento(s) inv\u00E1lido(s) para o construtor: {0}"},
-        {"Illegal.Principal.Type.type", "Tipo Principal Inv\u00E1lido: {0}"},
-        {"Illegal.option.option", "Op\u00E7\u00E3o inv\u00E1lida: {0}"},
-        {"Usage.policytool.options.", "Uso: policytool [op\u00E7\u00F5es]"},
-        {".file.file.policy.file.location",
-                "  [-file <arquivo>]    localiza\u00E7\u00E3o do arquivo de pol\u00EDtica"},
-        {"New", "Novo"},
-        {"Open", "Abrir"},
-        {"Save", "Salvar"},
-        {"Save.As", "Salvar Como"},
-        {"View.Warning.Log", "Exibir Log de Advert\u00EAncias"},
-        {"Exit", "Sair"},
-        {"Add.Policy.Entry", "Adicionar Entrada de Pol\u00EDtica"},
-        {"Edit.Policy.Entry", "Editar Entrada de Pol\u00EDtica"},
-        {"Remove.Policy.Entry", "Remover Entrada de Pol\u00EDtica"},
-        {"Edit", "Editar"},
-        {"Retain", "Reter"},
-
-        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
-            "Advert\u00EAncia: O nome do arquivo pode conter caracteres de escape barra invertida. N\u00E3o \u00E9 necess\u00E1rio fazer o escape dos caracteres de barra invertida (a ferramenta faz o escape dos caracteres conforme necess\u00E1rio ao gravar o conte\u00FAdo da pol\u00EDtica no armazenamento persistente).\n\nClique em Reter para reter o nome da entrada ou clique em Editar para edit\u00E1-lo."},
-
-        {"Add.Public.Key.Alias", "Adicionar Alias de Chave P\u00FAblica"},
-        {"Remove.Public.Key.Alias", "Remover Alias de Chave P\u00FAblica"},
-        {"File", "Arquivo"},
-        {"KeyStore", "KeyStore"},
-        {"Policy.File.", "Arquivo de Pol\u00EDtica:"},
-        {"Could.not.open.policy.file.policyFile.e.toString.",
-                "N\u00E3o foi poss\u00EDvel abrir o arquivo de pol\u00EDtica: {0}: {1}"},
-        {"Policy.Tool", "Ferramenta de Pol\u00EDtica"},
-        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
-                "Erros durante a abertura da configura\u00E7\u00E3o da pol\u00EDtica. Consulte o Log de Advert\u00EAncias para obter mais informa\u00E7\u00F5es."},
-        {"Error", "Erro"},
-        {"OK", "OK"},
-        {"Status", "Status"},
-        {"Warning", "Advert\u00EAncia"},
-        {"Permission.",
-                "Permiss\u00E3o:                                                       "},
-        {"Principal.Type.", "Tipo do Principal:"},
-        {"Principal.Name.", "Nome do Principal:"},
-        {"Target.Name.",
-                "Nome do Alvo:                                                    "},
-        {"Actions.",
-                "A\u00E7\u00F5es:                                                             "},
-        {"OK.to.overwrite.existing.file.filename.",
-                "Est\u00E1 correto substituir o arquivo existente {0}?"},
-        {"Cancel", "Cancelar"},
-        {"CodeBase.", "CodeBase:"},
-        {"SignedBy.", "SignedBy:"},
-        {"Add.Principal", "Adicionar Principal"},
-        {"Edit.Principal", "Editar Principal"},
-        {"Remove.Principal", "Remover Principal"},
-        {"Principals.", "Principais:"},
-        {".Add.Permission", "  Adicionar Permiss\u00E3o"},
-        {".Edit.Permission", "  Editar Permiss\u00E3o"},
-        {"Remove.Permission", "Remover Permiss\u00E3o"},
-        {"Done", "Conclu\u00EDdo"},
-        {"KeyStore.URL.", "URL do KeyStore:"},
-        {"KeyStore.Type.", "Tipo de KeyStore:"},
-        {"KeyStore.Provider.", "Fornecedor de KeyStore:"},
-        {"KeyStore.Password.URL.", "URL da Senha do KeyStore:"},
-        {"Principals", "Principais"},
-        {".Edit.Principal.", "  Editar Principal:"},
-        {".Add.New.Principal.", "  Adicionar Novo Principal:"},
-        {"Permissions", "Permiss\u00F5es"},
-        {".Edit.Permission.", "  Editar Permiss\u00E3o:"},
-        {".Add.New.Permission.", "  Adicionar Nova Permiss\u00E3o:"},
-        {"Signed.By.", "Assinado por:"},
-        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
-            "N\u00E3o \u00E9 Poss\u00EDvel Especificar um Principal com uma Classe de Curinga sem um Nome de Curinga"},
-        {"Cannot.Specify.Principal.without.a.Name",
-            "N\u00E3o \u00E9 Poss\u00EDvel Especificar um Principal sem um Nome"},
-        {"Permission.and.Target.Name.must.have.a.value",
-                "O Nome de Destino e a Permiss\u00E3o devem ter um Valor"},
-        {"Remove.this.Policy.Entry.", "Remover esta Entrada de Pol\u00EDtica?"},
-        {"Overwrite.File", "Substituir Arquivo"},
-        {"Policy.successfully.written.to.filename",
-                "Pol\u00EDtica gravada com \u00EAxito em {0}"},
-        {"null.filename", "nome de arquivo nulo"},
-        {"Save.changes.", "Salvar altera\u00E7\u00F5es?"},
-        {"Yes", "Sim"},
-        {"No", "N\u00E3o"},
-        {"Policy.Entry", "Entrada de Pol\u00EDtica"},
-        {"Save.Changes", "Salvar Altera\u00E7\u00F5es"},
-        {"No.Policy.Entry.selected", "Nenhuma Entrada de Pol\u00EDtica Selecionada"},
-        {"Unable.to.open.KeyStore.ex.toString.",
-                "N\u00E3o \u00E9 poss\u00EDvel abrir a KeyStore: {0}"},
-        {"No.principal.selected", "Nenhum principal selecionado"},
-        {"No.permission.selected", "Nenhuma permiss\u00E3o selecionada"},
-        {"name", "nome"},
-        {"configuration.type", "tipo de configura\u00E7\u00E3o"},
-        {"environment.variable.name", "nome da vari\u00E1vel de ambiente"},
-        {"library.name", "nome da biblioteca"},
-        {"package.name", "nome do pacote"},
-        {"policy.type", "tipo de pol\u00EDtica"},
-        {"property.name", "nome da propriedade"},
-        {"Principal.List", "Lista de Principais"},
-        {"Permission.List", "Lista de Permiss\u00F5es"},
-        {"Code.Base", "Base de C\u00F3digo"},
-        {"KeyStore.U.R.L.", "U R L da KeyStore:"},
-        {"KeyStore.Password.U.R.L.", "U R L da Senha do KeyStore:"},
-
-
         // javax.security.auth.PrivateCredentialPermission
         {"invalid.null.input.s.", "entrada(s) nula(s) inv\u00E1lida(s)"},
         {"actions.can.only.be.read.", "as a\u00E7\u00F5es s\u00F3 podem ser 'lidas'"},
@@ -553,6 +58,7 @@
         {"provided.null.OID.map", "mapa OID nulo fornecido"},
 
         // javax.security.auth.Subject
+        {"NEWLINE", "\n"},
         {"invalid.null.AccessControlContext.provided",
                 "AccessControlContext nulo inv\u00E1lido fornecido"},
         {"invalid.null.action.provided", "a\u00E7\u00E3o nula inv\u00E1lida fornecida"},
@@ -656,6 +162,7 @@
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }
--- a/jdk/src/share/classes/sun/security/util/Resources_sv.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/util/Resources_sv.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,501 +34,6 @@
 
     private static final Object[][] contents = {
 
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-        // shared (from keytool)
-        {"NEWLINE", "\n"},
-        {"STAR",
-                "*******************************************"},
-        {"STARNN",
-                "*******************************************\n\n"},
-
-        // keytool: Help part
-// "Option" should be translated.
-        {".OPTION.", " [Alternativ]..."},
-        {"Options.", "Alternativ:"},
-        {"Use.keytool.help.for.all.available.commands",
-                 "L\u00E4s \"Hj\u00E4lp - Nyckelverktyg\" f\u00F6r alla tillg\u00E4ngliga kommandon"},
-        {"Key.and.Certificate.Management.Tool",
-                 "Hanteringsverktyg f\u00F6r nycklar och certifikat"},
-        {"Commands.", "Kommandon:"},
-        {"Use.keytool.command.name.help.for.usage.of.command.name",
-                "L\u00E4s \"Hj\u00E4lp - Nyckelverktyg - command_name\" om anv\u00E4ndning av command_name"},
-        // keytool: help: commands
-        {"Generates.a.certificate.request",
-                "Genererar certifikatbeg\u00E4ran"}, //-certreq
-        {"Changes.an.entry.s.alias",
-                "\u00C4ndrar postalias"}, //-changealias
-        {"Deletes.an.entry",
-                "Tar bort post"}, //-delete
-        {"Exports.certificate",
-                "Exporterar certifikat"}, //-exportcert
-        {"Generates.a.key.pair",
-                "Genererar nyckelpar"}, //-genkeypair
-// translation of "secret" key should be different to "private" key.
-        {"Generates.a.secret.key",
-                "Genererar hemlig nyckel"}, //-genseckey
-        {"Generates.certificate.from.a.certificate.request",
-                "Genererar certifikat fr\u00E5n certifikatbeg\u00E4ran"}, //-gencert
-        {"Generates.CRL", "Genererar CRL"}, //-gencrl
-        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
-                "Importerar poster fr\u00E5n identitetsdatabas i JDK 1.1.x-format"}, //-identitydb
-        {"Imports.a.certificate.or.a.certificate.chain",
-                "Importerar ett certifikat eller en certifikatkedja"}, //-importcert
-        {"Imports.one.or.all.entries.from.another.keystore",
-                "Importerar en eller alla poster fr\u00E5n annat nyckellager"}, //-importkeystore
-        {"Clones.a.key.entry",
-                "Klonar en nyckelpost"}, //-keyclone
-        {"Changes.the.key.password.of.an.entry",
-                "\u00C4ndrar nyckell\u00F6senordet f\u00F6r en post"}, //-keypasswd
-        {"Lists.entries.in.a.keystore",
-                "Visar lista \u00F6ver poster i nyckellager"}, //-list
-        {"Prints.the.content.of.a.certificate",
-                "Skriver ut inneh\u00E5llet i ett certifikat"}, //-printcert
-        {"Prints.the.content.of.a.certificate.request",
-                "Skriver ut inneh\u00E5llet i en certifikatbeg\u00E4ran"}, //-printcertreq
-        {"Prints.the.content.of.a.CRL.file",
-                "Skriver ut inneh\u00E5llet i en CRL-fil"}, //-printcrl
-        {"Generates.a.self.signed.certificate",
-                "Genererar ett sj\u00E4lvsignerat certifikat"}, //-selfcert
-        {"Changes.the.store.password.of.a.keystore",
-                "\u00C4ndrar lagerl\u00F6senordet f\u00F6r ett nyckellager"}, //-storepasswd
-        // keytool: help: options
-        {"alias.name.of.the.entry.to.process",
-                "aliasnamn f\u00F6r post som ska bearbetas"}, //-alias
-        {"destination.alias",
-                "destinationsalias"}, //-destalias
-        {"destination.key.password",
-                "l\u00F6senord f\u00F6r destinationsnyckel"}, //-destkeypass
-        {"destination.keystore.name",
-                "namn p\u00E5 destinationsnyckellager"}, //-destkeystore
-        {"destination.keystore.password.protected",
-                "skyddat l\u00F6senord f\u00F6r destinationsnyckellager"}, //-destprotected
-        {"destination.keystore.provider.name",
-                "leverant\u00F6rsnamn f\u00F6r destinationsnyckellager"}, //-destprovidername
-        {"destination.keystore.password",
-                "l\u00F6senord f\u00F6r destinationsnyckellager"}, //-deststorepass
-        {"destination.keystore.type",
-                "typ av destinationsnyckellager"}, //-deststoretype
-        {"distinguished.name",
-                "unikt namn"}, //-dname
-        {"X.509.extension",
-                "X.509-till\u00E4gg"}, //-ext
-        {"output.file.name",
-                "namn p\u00E5 utdatafil"}, //-file and -outfile
-        {"input.file.name",
-                "namn p\u00E5 indatafil"}, //-file and -infile
-        {"key.algorithm.name",
-                "namn p\u00E5 nyckelalgoritm"}, //-keyalg
-        {"key.password",
-                "nyckell\u00F6senord"}, //-keypass
-        {"key.bit.size",
-                "nyckelbitstorlek"}, //-keysize
-        {"keystore.name",
-                "namn p\u00E5 nyckellager"}, //-keystore
-        {"new.password",
-                "nytt l\u00F6senord"}, //-new
-        {"do.not.prompt",
-                "fr\u00E5ga inte"}, //-noprompt
-        {"password.through.protected.mechanism",
-                "l\u00F6senord med skyddad mekanism"}, //-protected
-        {"provider.argument",
-                "leverant\u00F6rsargument"}, //-providerarg
-        {"provider.class.name",
-                "namn p\u00E5 leverant\u00F6rsklass"}, //-providerclass
-        {"provider.name",
-                "leverant\u00F6rsnamn"}, //-providername
-        {"provider.classpath",
-                "leverant\u00F6rsklass\u00F6kv\u00E4g"}, //-providerpath
-        {"output.in.RFC.style",
-                "utdata i RFC-format"}, //-rfc
-        {"signature.algorithm.name",
-                "namn p\u00E5 signaturalgoritm"}, //-sigalg
-        {"source.alias",
-                "k\u00E4llalias"}, //-srcalias
-        {"source.key.password",
-                "l\u00F6senord f\u00F6r k\u00E4llnyckel"}, //-srckeypass
-        {"source.keystore.name",
-                "namn p\u00E5 k\u00E4llnyckellager"}, //-srckeystore
-        {"source.keystore.password.protected",
-                "skyddat l\u00F6senord f\u00F6r k\u00E4llnyckellager"}, //-srcprotected
-        {"source.keystore.provider.name",
-                "leverant\u00F6rsnamn f\u00F6r k\u00E4llnyckellager"}, //-srcprovidername
-        {"source.keystore.password",
-                "l\u00F6senord f\u00F6r k\u00E4llnyckellager"}, //-srcstorepass
-        {"source.keystore.type",
-                "typ av k\u00E4llnyckellager"}, //-srcstoretype
-        {"SSL.server.host.and.port",
-                "SSL-serverv\u00E4rd och -port"}, //-sslserver
-        {"signed.jar.file",
-                "signerad jar-fil"}, //=jarfile
-        {"certificate.validity.start.date.time",
-                "startdatum/-tid f\u00F6r certifikatets giltighet"}, //-startdate
-        {"keystore.password",
-                "l\u00F6senord f\u00F6r nyckellager"}, //-storepass
-        {"keystore.type",
-                "nyckellagertyp"}, //-storetype
-        {"trust.certificates.from.cacerts",
-                "tillf\u00F6rlitliga certifikat fr\u00E5n cacerts"}, //-trustcacerts
-        {"verbose.output",
-                "utf\u00F6rliga utdata"}, //-v
-        {"validity.number.of.days",
-                "antal dagar f\u00F6r giltighet"}, //-validity
-        {"Serial.ID.of.cert.to.revoke",
-                 "Seriellt ID f\u00F6r certifikat som ska \u00E5terkallas"}, //-id
-        // keytool: Running part
-        {"keytool.error.", "nyckelverktygsfel: "},
-        {"Illegal.option.", "Otill\u00E5tet alternativ:  "},
-        {"Illegal.value.", "Otill\u00E5tet v\u00E4rde: "},
-        {"Unknown.password.type.", "Ok\u00E4nd l\u00F6senordstyp: "},
-        {"Cannot.find.environment.variable.",
-                "Kan inte hitta milj\u00F6variabel: "},
-        {"Cannot.find.file.", "Hittar inte fil: "},
-        {"Command.option.flag.needs.an.argument.", "Kommandoalternativet {0} beh\u00F6ver ett argument."},
-        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
-                "Varning!  PKCS12-nyckellager har inte st\u00F6d f\u00F6r olika l\u00F6senord f\u00F6r lagret och nyckeln. Det anv\u00E4ndarspecificerade {0}-v\u00E4rdet ignoreras."},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "-keystore m\u00E5ste vara NONE om -storetype \u00E4r {0}"},
-        {"Too.many.retries.program.terminated",
-                 "F\u00F6r m\u00E5nga f\u00F6rs\u00F6k. Programmet avslutas"},
-        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
-                "-storepasswd- och -keypasswd-kommandon st\u00F6ds inte om -storetype \u00E4r {0}"},
-        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
-                "-keypasswd-kommandon st\u00F6ds inte om -storetype \u00E4r PKCS12"},
-        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
-                "-keypass och -new kan inte anges om -storetype \u00E4r {0}"},
-        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
-                "om -protected har angetts f\u00E5r inte -storepass, -keypass och -new anges"},
-        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "om -srcprotected anges f\u00E5r -srcstorepass och -srckeypass inte anges"},
-        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
-                "om nyckellagret inte \u00E4r l\u00F6senordsskyddat f\u00E5r -storepass, -keypass och -new inte anges"},
-        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "om k\u00E4llnyckellagret inte \u00E4r l\u00F6senordsskyddat f\u00E5r -srcstorepass och -srckeypass inte anges"},
-        {"Illegal.startdate.value", "Otill\u00E5tet v\u00E4rde f\u00F6r startdatum"},
-        {"Validity.must.be.greater.than.zero",
-                "Giltigheten m\u00E5ste vara st\u00F6rre \u00E4n noll"},
-        {"provName.not.a.provider", "{0} \u00E4r inte en leverant\u00F6r"},
-        {"Usage.error.no.command.provided", "Syntaxfel: inget kommando angivet"},
-        {"Source.keystore.file.exists.but.is.empty.", "Nyckellagrets k\u00E4llfil finns, men \u00E4r tom: "},
-        {"Please.specify.srckeystore", "Ange -srckeystore"},
-        {"Must.not.specify.both.v.and.rfc.with.list.command",
-                "Kan inte specificera b\u00E5de -v och -rfc med 'list'-kommandot"},
-        {"Key.password.must.be.at.least.6.characters",
-                "Nyckell\u00F6senordet m\u00E5ste inneh\u00E5lla minst 6 tecken"},
-        {"New.password.must.be.at.least.6.characters",
-                "Det nya l\u00F6senordet m\u00E5ste inneh\u00E5lla minst 6 tecken"},
-        {"Keystore.file.exists.but.is.empty.",
-                "Nyckellagerfilen finns, men \u00E4r tom: "},
-        {"Keystore.file.does.not.exist.",
-                "Nyckellagerfilen finns inte: "},
-        {"Must.specify.destination.alias", "Du m\u00E5ste ange destinationsalias"},
-        {"Must.specify.alias", "Du m\u00E5ste ange alias"},
-        {"Keystore.password.must.be.at.least.6.characters",
-                "Nyckellagerl\u00F6senordet m\u00E5ste inneh\u00E5lla minst 6 tecken"},
-        {"Enter.keystore.password.", "Ange nyckellagerl\u00F6senord:  "},
-        {"Enter.source.keystore.password.", "Ange l\u00F6senord f\u00F6r k\u00E4llnyckellagret:  "},
-        {"Enter.destination.keystore.password.", "Ange nyckellagerl\u00F6senord f\u00F6r destination:  "},
-        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
-         "Nyckellagerl\u00F6senordet \u00E4r f\u00F6r kort - det m\u00E5ste inneh\u00E5lla minst 6 tecken"},
-        {"Unknown.Entry.Type", "Ok\u00E4nd posttyp"},
-        {"Too.many.failures.Alias.not.changed", "F\u00F6r m\u00E5nga fel. Alias har inte \u00E4ndrats"},
-        {"Entry.for.alias.alias.successfully.imported.",
-                 "Posten f\u00F6r alias {0} har importerats."},
-        {"Entry.for.alias.alias.not.imported.", "Posten f\u00F6r alias {0} har inte importerats."},
-        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
-                 "Ett problem uppstod vid importen av posten f\u00F6r alias {0}: {1}.\nPosten {0} har inte importerats."},
-        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
-                 "Kommandoimporten slutf\u00F6rd: {0} poster har importerats, {1} poster var felaktiga eller annullerades"},
-        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
-                 "Varning! Det befintliga aliaset {0} i destinationsnyckellagret skrivs \u00F6ver"},
-        {"Existing.entry.alias.alias.exists.overwrite.no.",
-                 "Aliaset {0} finns redan. Vill du skriva \u00F6ver det? [nej]:  "},
-        {"Too.many.failures.try.later", "F\u00F6r m\u00E5nga fel - f\u00F6rs\u00F6k igen senare"},
-        {"Certification.request.stored.in.file.filename.",
-                "Certifikatbeg\u00E4ran har lagrats i filen <{0}>"},
-        {"Submit.this.to.your.CA", "Skicka detta till certifikatutf\u00E4rdaren"},
-        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
-            "om n\u00E5got alias inte anges f\u00E5r destalias, srckeypass och destkeypass inte anges"},
-        {"Certificate.stored.in.file.filename.",
-                "Certifikatet har lagrats i filen <{0}>"},
-        {"Certificate.reply.was.installed.in.keystore",
-                "Certifikatsvaret har installerats i nyckellagret"},
-        {"Certificate.reply.was.not.installed.in.keystore",
-                "Certifikatsvaret har inte installerats i nyckellagret"},
-        {"Certificate.was.added.to.keystore",
-                "Certifikatet har lagts till i nyckellagret"},
-        {"Certificate.was.not.added.to.keystore",
-                "Certifikatet har inte lagts till i nyckellagret"},
-        {".Storing.ksfname.", "[Lagrar {0}]"},
-        {"alias.has.no.public.key.certificate.",
-                "{0} saknar offentlig nyckel (certifikat)"},
-        {"Cannot.derive.signature.algorithm",
-                "Kan inte h\u00E4rleda signaturalgoritm"},
-        {"Alias.alias.does.not.exist",
-                "Aliaset <{0}> finns inte"},
-        {"Alias.alias.has.no.certificate",
-                "Aliaset <{0}> saknar certifikat"},
-        {"Key.pair.not.generated.alias.alias.already.exists",
-                "Nyckelparet genererades inte. Aliaset <{0}> finns redan"},
-        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
-                "Genererar {0} bitars {1}-nyckelpar och sj\u00E4lvsignerat certifikat ({2}) med en giltighet p\u00E5 {3} dagar\n\tf\u00F6r: {4}"},
-        {"Enter.key.password.for.alias.", "Ange nyckell\u00F6senord f\u00F6r <{0}>"},
-        {".RETURN.if.same.as.keystore.password.",
-                "\t(RETURN om det \u00E4r identiskt med nyckellagerl\u00F6senordet):  "},
-        {"Key.password.is.too.short.must.be.at.least.6.characters",
-                "Nyckell\u00F6senordet \u00E4r f\u00F6r kort - det m\u00E5ste inneh\u00E5lla minst 6 tecken"},
-        {"Too.many.failures.key.not.added.to.keystore",
-                "F\u00F6r m\u00E5nga fel - nyckeln lades inte till i nyckellagret"},
-        {"Destination.alias.dest.already.exists",
-                "Destinationsaliaset <{0}> finns redan"},
-        {"Password.is.too.short.must.be.at.least.6.characters",
-                "L\u00F6senordet \u00E4r f\u00F6r kort - det m\u00E5ste inneh\u00E5lla minst 6 tecken"},
-        {"Too.many.failures.Key.entry.not.cloned",
-                "F\u00F6r m\u00E5nga fel. Nyckelposten har inte klonats"},
-        {"key.password.for.alias.", "nyckell\u00F6senord f\u00F6r <{0}>"},
-        {"Keystore.entry.for.id.getName.already.exists",
-                "Nyckellagerpost f\u00F6r <{0}> finns redan"},
-        {"Creating.keystore.entry.for.id.getName.",
-                "Skapar nyckellagerpost f\u00F6r <{0}> ..."},
-        {"No.entries.from.identity.database.added",
-                "Inga poster fr\u00E5n identitetsdatabasen har lagts till"},
-        {"Alias.name.alias", "Aliasnamn: {0}"},
-        {"Creation.date.keyStore.getCreationDate.alias.",
-                "Skapat den: {0,date}"},
-        {"alias.keyStore.getCreationDate.alias.",
-                "{0}, {1,date}, "},
-        {"alias.", "{0}, "},
-        {"Entry.type.type.", "Posttyp: {0}"},
-        {"Certificate.chain.length.", "L\u00E4ngd p\u00E5 certifikatskedja: "},
-        {"Certificate.i.1.", "Certifikat[{0,number,integer}]:"},
-        {"Certificate.fingerprint.SHA1.", "Certifikatets fingeravtryck (SHA1): "},
-        {"Keystore.type.", "Nyckellagertyp: "},
-        {"Keystore.provider.", "Nyckellagerleverant\u00F6r: "},
-        {"Your.keystore.contains.keyStore.size.entry",
-                "Nyckellagret inneh\u00E5ller {0,number,integer} post"},
-        {"Your.keystore.contains.keyStore.size.entries",
-                "Nyckellagret inneh\u00E5ller {0,number,integer} poster"},
-        {"Failed.to.parse.input", "Kunde inte tolka indata"},
-        {"Empty.input", "Inga indata"},
-        {"Not.X.509.certificate", "Inte ett X.509-certifikat"},
-        {"alias.has.no.public.key", "{0} saknar offentlig nyckel"},
-        {"alias.has.no.X.509.certificate", "{0} saknar X.509-certifikat"},
-        {"New.certificate.self.signed.", "Nytt certifikat (sj\u00E4lvsignerat):"},
-        {"Reply.has.no.certificates", "Svaret saknar certifikat"},
-        {"Certificate.not.imported.alias.alias.already.exists",
-                "Certifikatet importerades inte. Aliaset <{0}> finns redan"},
-        {"Input.not.an.X.509.certificate", "Indata \u00E4r inte ett X.509-certifikat"},
-        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
-                "Certifikatet finns redan i nyckellagerfilen under aliaset <{0}>"},
-        {"Do.you.still.want.to.add.it.no.",
-                "Vill du fortfarande l\u00E4gga till det? [nej]:  "},
-        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
-                "Certifikatet finns redan i den systemomsp\u00E4nnande CA-nyckellagerfilen under aliaset <{0}>"},
-        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
-                "Vill du fortfarande l\u00E4gga till det i ditt eget nyckellagret? [nej]:  "},
-        {"Trust.this.certificate.no.", "Litar du p\u00E5 det h\u00E4r certifikatet? [nej]:  "},
-        {"YES", "Ja"},
-        {"New.prompt.", "Nytt {0}: "},
-        {"Passwords.must.differ", "L\u00F6senorden m\u00E5ste vara olika"},
-        {"Re.enter.new.prompt.", "Ange nytt {0} igen: "},
-        {"Re.enter.new.password.", "Ange det nya l\u00F6senordet igen: "},
-        {"They.don.t.match.Try.again", "De matchar inte. F\u00F6rs\u00F6k igen"},
-        {"Enter.prompt.alias.name.", "Ange aliasnamn f\u00F6r {0}:  "},
-        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
-                 "Ange ett nytt aliasnamn\t(skriv RETURN f\u00F6r att avbryta importen av denna post):  "},
-        {"Enter.alias.name.", "Ange aliasnamn:  "},
-        {".RETURN.if.same.as.for.otherAlias.",
-                "\t(RETURN om det \u00E4r det samma som f\u00F6r <{0}>)"},
-        {".PATTERN.printX509Cert",
-                "\u00C4gare: {0}\nUtf\u00E4rdare: {1}\nSerienummer: {2}\nGiltigt fr\u00E5n den: {3} till: {4}\nCertifikatets fingeravtryck:\n\t MD5: {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Namn p\u00E5 signaturalgoritm: {8}\n\t Version: {9}"},
-        {"What.is.your.first.and.last.name.",
-                "Vad heter du i f\u00F6r- och efternamn?"},
-        {"What.is.the.name.of.your.organizational.unit.",
-                "Vad heter din avdelning inom organisationen?"},
-        {"What.is.the.name.of.your.organization.",
-                "Vad heter din organisation?"},
-        {"What.is.the.name.of.your.City.or.Locality.",
-                "Vad heter din ort eller plats?"},
-        {"What.is.the.name.of.your.State.or.Province.",
-                "Vad heter ditt land eller din provins?"},
-        {"What.is.the.two.letter.country.code.for.this.unit.",
-                "Vilken \u00E4r den tv\u00E5st\u00E4lliga landskoden?"},
-        {"Is.name.correct.", "\u00C4r {0} korrekt?"},
-        {"no", "nej"},
-        {"yes", "ja"},
-        {"y", "j"},
-        {".defaultValue.", "  [{0}]:  "},
-        {"Alias.alias.has.no.key",
-                "Aliaset <{0}> saknar nyckel"},
-        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
-                 "Aliaset <{0}> refererar till en posttyp som inte \u00E4r n\u00E5gon privat nyckelpost. Kommandot -keyclone har endast st\u00F6d f\u00F6r kloning av privata nyckelposter"},
-
-        {".WARNING.WARNING.WARNING.",
-            "*****************  Varning Varning Varning  *****************"},
-        {"Signer.d.", "Signerare #%d:"},
-        {"Timestamp.", "Tidsst\u00E4mpel:"},
-        {"Signature.", "Underskrift:"},
-        {"CRLs.", "CRL:er:"},
-        {"Certificate.owner.", "Certifikat\u00E4gare: "},
-        {"Not.a.signed.jar.file", "Ingen signerad jar-fil"},
-        {"No.certificate.from.the.SSL.server",
-                "Inget certifikat fr\u00E5n SSL-servern"},
-
-        {".The.integrity.of.the.information.stored.in.your.keystore.",
-            "* Integriteten f\u00F6r den information som lagras i nyckellagerfilen  *\n* har INTE verifierats!  Om du vill verifiera dess integritet *\n* m\u00E5ste du ange l\u00F6senordet f\u00F6r nyckellagret.                  *"},
-        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
-            "* Integriteten f\u00F6r den information som lagras i srckeystore*\n* har INTE verifierats!  Om du vill verifiera dess integritet *\n* m\u00E5ste du ange l\u00F6senordet f\u00F6r srckeystore.                *"},
-
-        {"Certificate.reply.does.not.contain.public.key.for.alias.",
-                "Certifikatsvaret inneh\u00E5ller inte n\u00E5gon offentlig nyckel f\u00F6r <{0}>"},
-        {"Incomplete.certificate.chain.in.reply",
-                "Ofullst\u00E4ndig certifikatskedja i svaret"},
-        {"Certificate.chain.in.reply.does.not.verify.",
-                "Certifikatskedjan i svaret g\u00E5r inte att verifiera: "},
-        {"Top.level.certificate.in.reply.",
-                "Toppniv\u00E5certifikatet i svaret:\n"},
-        {".is.not.trusted.", "... \u00E4r inte betrott. "},
-        {"Install.reply.anyway.no.", "Vill du installera svaret \u00E4nd\u00E5? [nej]:  "},
-        {"NO", "Nej"},
-        {"Public.keys.in.reply.and.keystore.don.t.match",
-                "De offentliga nycklarna i svaret och nyckellagret matchar inte varandra"},
-        {"Certificate.reply.and.certificate.in.keystore.are.identical",
-                "Certifikatsvaret och certifikatet i nyckellagret \u00E4r identiska"},
-        {"Failed.to.establish.chain.from.reply",
-                "Kunde inte uppr\u00E4tta kedja fr\u00E5n svaret"},
-        {"n", "n"},
-        {"Wrong.answer.try.again", "Fel svar. F\u00F6rs\u00F6k p\u00E5 nytt."},
-        {"Secret.key.not.generated.alias.alias.already.exists",
-                "Den hemliga nyckeln har inte genererats eftersom aliaset <{0}> redan finns"},
-        {"Please.provide.keysize.for.secret.key.generation",
-                "Ange -keysize f\u00F6r att skapa hemlig nyckel"},
-
-        {"Extensions.", "Till\u00E4gg: "},
-        {".Empty.value.", "(Tomt v\u00E4rde)"},
-        {"Extension.Request.", "Till\u00E4ggsbeg\u00E4ran:"},
-        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
-                "PKCS #10 certifikatbeg\u00E4ran (version 1.0)\n\u00C4mne: %s\nAllm\u00E4n nyckel: %s-format %s-nyckel\n"},
-        {"Unknown.keyUsage.type.", "Ok\u00E4nd keyUsage-typ: "},
-        {"Unknown.extendedkeyUsage.type.", "Ok\u00E4nd extendedkeyUsage-typ: "},
-        {"Unknown.AccessDescription.type.", "Ok\u00E4nd AccessDescription-typ: "},
-        {"Unrecognized.GeneralName.type.", "Ok\u00E4nd GeneralName-typ: "},
-        {"This.extension.cannot.be.marked.as.critical.",
-                 "Detta till\u00E4gg kan inte markeras som kritiskt. "},
-        {"Odd.number.of.hex.digits.found.", "Udda antal hex-siffror p\u00E5tr\u00E4ffades: "},
-        {"Unknown.extension.type.", "Ok\u00E4nd till\u00E4ggstyp: "},
-        {"command.{0}.is.ambiguous.", "kommandot {0} \u00E4r tvetydigt:"},
-
-        // policytool
-        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
-                "Varning! Det finns ingen offentlig nyckel f\u00F6r aliaset {0}. Kontrollera att det aktuella nyckellagret \u00E4r korrekt konfigurerat."},
-        {"Warning.Class.not.found.class", "Varning! Klassen hittades inte: {0}"},
-        {"Warning.Invalid.argument.s.for.constructor.arg",
-                "Varning! Ogiltiga argument f\u00F6r konstruktor: {0}"},
-        {"Illegal.Principal.Type.type", "Otill\u00E5ten identitetshavaretyp: {0}"},
-        {"Illegal.option.option", "Otill\u00E5tet alternativ: {0}"},
-        {"Usage.policytool.options.", "Syntax: policytool [alternativ]"},
-        {".file.file.policy.file.location",
-                "  [-file <fil>]    policyfilens plats"},
-        {"New", "Nytt"},
-        {"Open", "\u00D6ppna"},
-        {"Save", "Spara"},
-        {"Save.As", "Spara som"},
-        {"View.Warning.Log", "Visa varningslogg"},
-        {"Exit", "Avsluta"},
-        {"Add.Policy.Entry", "L\u00E4gg till policypost"},
-        {"Edit.Policy.Entry", "Redigera policypost"},
-        {"Remove.Policy.Entry", "Ta bort policypost"},
-        {"Edit", "Redigera"},
-        {"Retain", "Beh\u00E5ll"},
-
-        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
-            "Varning! Filnamnet kan inneh\u00E5lla omv\u00E4nda snedstreck inom citattecken. Citattecken kr\u00E4vs inte f\u00F6r omv\u00E4nda snedstreck (verktyget hanterar detta n\u00E4r policyinneh\u00E5llet skrivs till det best\u00E4ndiga lagret).\n\nKlicka p\u00E5 Beh\u00E5ll f\u00F6r att beh\u00E5lla det angivna namnet, eller klicka p\u00E5 Redigera f\u00F6r att \u00E4ndra det."},
-
-        {"Add.Public.Key.Alias", "L\u00E4gg till offentligt nyckelalias"},
-        {"Remove.Public.Key.Alias", "Ta bort offentligt nyckelalias"},
-        {"File", "Fil"},
-        {"KeyStore", "Nyckellager"},
-        {"Policy.File.", "Policyfil:"},
-        {"Could.not.open.policy.file.policyFile.e.toString.",
-                "Kan inte \u00F6ppna policyfilen: {0}: {1}"},
-        {"Policy.Tool", "Policyverktyg"},
-        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
-                "Det uppstod ett fel n\u00E4r policykonfigurationen skulle \u00F6ppnas. Se varningsloggen f\u00F6r mer information."},
-        {"Error", "Fel"},
-        {"OK", "OK"},
-        {"Status", "Status"},
-        {"Warning", "Varning"},
-        {"Permission.",
-                "Beh\u00F6righet:                                                       "},
-        {"Principal.Type.", "Identitetshavaretyp:"},
-        {"Principal.Name.", "Identitetshavare:"},
-        {"Target.Name.",
-                "M\u00E5l:                                                    "},
-        {"Actions.",
-                "Funktioner:                                                             "},
-        {"OK.to.overwrite.existing.file.filename.",
-                "Ska den befintliga filen {0} skrivas \u00F6ver?"},
-        {"Cancel", "Avbryt"},
-        {"CodeBase.", "Kodbas:"},
-        {"SignedBy.", "Signerad av:"},
-        {"Add.Principal", "L\u00E4gg till identitetshavare"},
-        {"Edit.Principal", "Redigera identitetshavare"},
-        {"Remove.Principal", "Ta bort identitetshavare"},
-        {"Principals.", "Identitetshavare:"},
-        {".Add.Permission", "  L\u00E4gg till beh\u00F6righet"},
-        {".Edit.Permission", "  Redigera beh\u00F6righet"},
-        {"Remove.Permission", "Ta bort beh\u00F6righet"},
-        {"Done", "Utf\u00F6rd"},
-        {"KeyStore.URL.", "URL f\u00F6r nyckellager:"},
-        {"KeyStore.Type.", "Nyckellagertyp:"},
-        {"KeyStore.Provider.", "Nyckellagerleverant\u00F6r:"},
-        {"KeyStore.Password.URL.", "URL f\u00F6r l\u00F6senord till nyckellager:"},
-        {"Principals", "Identitetshavare"},
-        {".Edit.Principal.", "  Redigera identitetshavare:"},
-        {".Add.New.Principal.", "  L\u00E4gg till ny identitetshavare:"},
-        {"Permissions", "Beh\u00F6righet"},
-        {".Edit.Permission.", "  Redigera beh\u00F6righet:"},
-        {".Add.New.Permission.", "  L\u00E4gg till ny beh\u00F6righet:"},
-        {"Signed.By.", "Signerad av:"},
-        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
-            "Kan inte specificera identitetshavare med jokerteckenklass utan jokerteckennamn"},
-        {"Cannot.Specify.Principal.without.a.Name",
-            "Kan inte specificera identitetshavare utan namn"},
-        {"Permission.and.Target.Name.must.have.a.value",
-                "Beh\u00F6righet och m\u00E5lnamn m\u00E5ste ha ett v\u00E4rde"},
-        {"Remove.this.Policy.Entry.", "Vill du ta bort den h\u00E4r policyposten?"},
-        {"Overwrite.File", "Skriv \u00F6ver fil"},
-        {"Policy.successfully.written.to.filename",
-                "Policy har skrivits till {0}"},
-        {"null.filename", "nullfilnamn"},
-        {"Save.changes.", "Vill du spara \u00E4ndringarna?"},
-        {"Yes", "Ja"},
-        {"No", "Nej"},
-        {"Policy.Entry", "Policyfel"},
-        {"Save.Changes", "Spara \u00E4ndringar"},
-        {"No.Policy.Entry.selected", "Ingen policypost har valts"},
-        {"Unable.to.open.KeyStore.ex.toString.",
-                "Kan inte \u00F6ppna nyckellagret: {0}"},
-        {"No.principal.selected", "Ingen identitetshavare har valts"},
-        {"No.permission.selected", "Ingen beh\u00F6righet har valts"},
-        {"name", "namn"},
-        {"configuration.type", "konfigurationstyp"},
-        {"environment.variable.name", "variabelnamn f\u00F6r milj\u00F6"},
-        {"library.name", "biblioteksnamn"},
-        {"package.name", "paketnamn"},
-        {"policy.type", "policytyp"},
-        {"property.name", "egenskapsnamn"},
-        {"Principal.List", "Lista \u00F6ver identitetshavare"},
-        {"Permission.List", "Beh\u00F6righetslista"},
-        {"Code.Base", "Kodbas"},
-        {"KeyStore.U.R.L.", "URL f\u00F6r nyckellager:"},
-        {"KeyStore.Password.U.R.L.", "URL f\u00F6r l\u00F6senord till nyckellager:"},
-
-
         // javax.security.auth.PrivateCredentialPermission
         {"invalid.null.input.s.", "ogiltiga null-indata"},
         {"actions.can.only.be.read.", "funktioner kan endast 'l\u00E4sas'"},
@@ -553,6 +58,7 @@
         {"provided.null.OID.map", "null-OID-mappning tillhandah\u00F6lls"},
 
         // javax.security.auth.Subject
+        {"NEWLINE", "\n"},
         {"invalid.null.AccessControlContext.provided",
                 "ogiltigt null-AccessControlContext"},
         {"invalid.null.action.provided", "ogiltig null-funktion"},
@@ -656,6 +162,7 @@
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }
--- a/jdk/src/share/classes/sun/security/util/Resources_zh_CN.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/util/Resources_zh_CN.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,501 +34,6 @@
 
     private static final Object[][] contents = {
 
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-        // shared (from keytool)
-        {"NEWLINE", "\n"},
-        {"STAR",
-                "*******************************************"},
-        {"STARNN",
-                "*******************************************\n\n"},
-
-        // keytool: Help part
-// "Option" should be translated.
-        {".OPTION.", " [\u9009\u9879]..."},
-        {"Options.", "\u9009\u9879:"},
-        {"Use.keytool.help.for.all.available.commands",
-                 "\u4F7F\u7528 \"keytool -help\" \u83B7\u53D6\u6240\u6709\u53EF\u7528\u547D\u4EE4"},
-        {"Key.and.Certificate.Management.Tool",
-                 "\u5BC6\u94A5\u548C\u8BC1\u4E66\u7BA1\u7406\u5DE5\u5177"},
-        {"Commands.", "\u547D\u4EE4:"},
-        {"Use.keytool.command.name.help.for.usage.of.command.name",
-                "\u4F7F\u7528 \"keytool -command_name -help\" \u83B7\u53D6 command_name \u7684\u7528\u6CD5"},
-        // keytool: help: commands
-        {"Generates.a.certificate.request",
-                "\u751F\u6210\u8BC1\u4E66\u8BF7\u6C42"}, //-certreq
-        {"Changes.an.entry.s.alias",
-                "\u66F4\u6539\u6761\u76EE\u7684\u522B\u540D"}, //-changealias
-        {"Deletes.an.entry",
-                "\u5220\u9664\u6761\u76EE"}, //-delete
-        {"Exports.certificate",
-                "\u5BFC\u51FA\u8BC1\u4E66"}, //-exportcert
-        {"Generates.a.key.pair",
-                "\u751F\u6210\u5BC6\u94A5\u5BF9"}, //-genkeypair
-// translation of "secret" key should be different to "private" key.
-        {"Generates.a.secret.key",
-                "\u751F\u6210\u5BF9\u79F0\u5BC6\u94A5"}, //-genseckey
-        {"Generates.certificate.from.a.certificate.request",
-                "\u6839\u636E\u8BC1\u4E66\u8BF7\u6C42\u751F\u6210\u8BC1\u4E66"}, //-gencert
-        {"Generates.CRL", "\u751F\u6210 CRL"}, //-gencrl
-        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
-                "\u4ECE JDK 1.1.x \u6837\u5F0F\u7684\u8EAB\u4EFD\u6570\u636E\u5E93\u5BFC\u5165\u6761\u76EE"}, //-identitydb
-        {"Imports.a.certificate.or.a.certificate.chain",
-                "\u5BFC\u5165\u8BC1\u4E66\u6216\u8BC1\u4E66\u94FE"}, //-importcert
-        {"Imports.one.or.all.entries.from.another.keystore",
-                "\u4ECE\u5176\u4ED6\u5BC6\u94A5\u5E93\u5BFC\u5165\u4E00\u4E2A\u6216\u6240\u6709\u6761\u76EE"}, //-importkeystore
-        {"Clones.a.key.entry",
-                "\u514B\u9686\u5BC6\u94A5\u6761\u76EE"}, //-keyclone
-        {"Changes.the.key.password.of.an.entry",
-                "\u66F4\u6539\u6761\u76EE\u7684\u5BC6\u94A5\u53E3\u4EE4"}, //-keypasswd
-        {"Lists.entries.in.a.keystore",
-                "\u5217\u51FA\u5BC6\u94A5\u5E93\u4E2D\u7684\u6761\u76EE"}, //-list
-        {"Prints.the.content.of.a.certificate",
-                "\u6253\u5370\u8BC1\u4E66\u5185\u5BB9"}, //-printcert
-        {"Prints.the.content.of.a.certificate.request",
-                "\u6253\u5370\u8BC1\u4E66\u8BF7\u6C42\u7684\u5185\u5BB9"}, //-printcertreq
-        {"Prints.the.content.of.a.CRL.file",
-                "\u6253\u5370 CRL \u6587\u4EF6\u7684\u5185\u5BB9"}, //-printcrl
-        {"Generates.a.self.signed.certificate",
-                "\u751F\u6210\u81EA\u7B7E\u540D\u8BC1\u4E66"}, //-selfcert
-        {"Changes.the.store.password.of.a.keystore",
-                "\u66F4\u6539\u5BC6\u94A5\u5E93\u7684\u5B58\u50A8\u53E3\u4EE4"}, //-storepasswd
-        // keytool: help: options
-        {"alias.name.of.the.entry.to.process",
-                "\u8981\u5904\u7406\u7684\u6761\u76EE\u7684\u522B\u540D"}, //-alias
-        {"destination.alias",
-                "\u76EE\u6807\u522B\u540D"}, //-destalias
-        {"destination.key.password",
-                "\u76EE\u6807\u5BC6\u94A5\u53E3\u4EE4"}, //-destkeypass
-        {"destination.keystore.name",
-                "\u76EE\u6807\u5BC6\u94A5\u5E93\u540D\u79F0"}, //-destkeystore
-        {"destination.keystore.password.protected",
-                "\u53D7\u4FDD\u62A4\u7684\u76EE\u6807\u5BC6\u94A5\u5E93\u53E3\u4EE4"}, //-destprotected
-        {"destination.keystore.provider.name",
-                "\u76EE\u6807\u5BC6\u94A5\u5E93\u63D0\u4F9B\u65B9\u540D\u79F0"}, //-destprovidername
-        {"destination.keystore.password",
-                "\u76EE\u6807\u5BC6\u94A5\u5E93\u53E3\u4EE4"}, //-deststorepass
-        {"destination.keystore.type",
-                "\u76EE\u6807\u5BC6\u94A5\u5E93\u7C7B\u578B"}, //-deststoretype
-        {"distinguished.name",
-                "\u552F\u4E00\u5224\u522B\u540D"}, //-dname
-        {"X.509.extension",
-                "X.509 \u6269\u5C55"}, //-ext
-        {"output.file.name",
-                "\u8F93\u51FA\u6587\u4EF6\u540D"}, //-file and -outfile
-        {"input.file.name",
-                "\u8F93\u5165\u6587\u4EF6\u540D"}, //-file and -infile
-        {"key.algorithm.name",
-                "\u5BC6\u94A5\u7B97\u6CD5\u540D\u79F0"}, //-keyalg
-        {"key.password",
-                "\u5BC6\u94A5\u53E3\u4EE4"}, //-keypass
-        {"key.bit.size",
-                "\u5BC6\u94A5\u4F4D\u5927\u5C0F"}, //-keysize
-        {"keystore.name",
-                "\u5BC6\u94A5\u5E93\u540D\u79F0"}, //-keystore
-        {"new.password",
-                "\u65B0\u53E3\u4EE4"}, //-new
-        {"do.not.prompt",
-                "\u4E0D\u63D0\u793A"}, //-noprompt
-        {"password.through.protected.mechanism",
-                "\u901A\u8FC7\u53D7\u4FDD\u62A4\u7684\u673A\u5236\u7684\u53E3\u4EE4"}, //-protected
-        {"provider.argument",
-                "\u63D0\u4F9B\u65B9\u53C2\u6570"}, //-providerarg
-        {"provider.class.name",
-                "\u63D0\u4F9B\u65B9\u7C7B\u540D"}, //-providerclass
-        {"provider.name",
-                "\u63D0\u4F9B\u65B9\u540D\u79F0"}, //-providername
-        {"provider.classpath",
-                "\u63D0\u4F9B\u65B9\u7C7B\u8DEF\u5F84"}, //-providerpath
-        {"output.in.RFC.style",
-                "\u4EE5 RFC \u6837\u5F0F\u8F93\u51FA"}, //-rfc
-        {"signature.algorithm.name",
-                "\u7B7E\u540D\u7B97\u6CD5\u540D\u79F0"}, //-sigalg
-        {"source.alias",
-                "\u6E90\u522B\u540D"}, //-srcalias
-        {"source.key.password",
-                "\u6E90\u5BC6\u94A5\u53E3\u4EE4"}, //-srckeypass
-        {"source.keystore.name",
-                "\u6E90\u5BC6\u94A5\u5E93\u540D\u79F0"}, //-srckeystore
-        {"source.keystore.password.protected",
-                "\u53D7\u4FDD\u62A4\u7684\u6E90\u5BC6\u94A5\u5E93\u53E3\u4EE4"}, //-srcprotected
-        {"source.keystore.provider.name",
-                "\u6E90\u5BC6\u94A5\u5E93\u63D0\u4F9B\u65B9\u540D\u79F0"}, //-srcprovidername
-        {"source.keystore.password",
-                "\u6E90\u5BC6\u94A5\u5E93\u53E3\u4EE4"}, //-srcstorepass
-        {"source.keystore.type",
-                "\u6E90\u5BC6\u94A5\u5E93\u7C7B\u578B"}, //-srcstoretype
-        {"SSL.server.host.and.port",
-                "SSL \u670D\u52A1\u5668\u4E3B\u673A\u548C\u7AEF\u53E3"}, //-sslserver
-        {"signed.jar.file",
-                "\u5DF2\u7B7E\u540D\u7684 jar \u6587\u4EF6"}, //=jarfile
-        {"certificate.validity.start.date.time",
-                "\u8BC1\u4E66\u6709\u6548\u671F\u5F00\u59CB\u65E5\u671F/\u65F6\u95F4"}, //-startdate
-        {"keystore.password",
-                "\u5BC6\u94A5\u5E93\u53E3\u4EE4"}, //-storepass
-        {"keystore.type",
-                "\u5BC6\u94A5\u5E93\u7C7B\u578B"}, //-storetype
-        {"trust.certificates.from.cacerts",
-                "\u4FE1\u4EFB\u6765\u81EA cacerts \u7684\u8BC1\u4E66"}, //-trustcacerts
-        {"verbose.output",
-                "\u8BE6\u7EC6\u8F93\u51FA"}, //-v
-        {"validity.number.of.days",
-                "\u6709\u6548\u5929\u6570"}, //-validity
-        {"Serial.ID.of.cert.to.revoke",
-                 "\u8981\u64A4\u9500\u7684\u8BC1\u4E66\u7684\u5E8F\u5217 ID"}, //-id
-        // keytool: Running part
-        {"keytool.error.", "keytool \u9519\u8BEF: "},
-        {"Illegal.option.", "\u975E\u6CD5\u9009\u9879:  "},
-        {"Illegal.value.", "\u975E\u6CD5\u503C: "},
-        {"Unknown.password.type.", "\u672A\u77E5\u53E3\u4EE4\u7C7B\u578B: "},
-        {"Cannot.find.environment.variable.",
-                "\u627E\u4E0D\u5230\u73AF\u5883\u53D8\u91CF: "},
-        {"Cannot.find.file.", "\u627E\u4E0D\u5230\u6587\u4EF6: "},
-        {"Command.option.flag.needs.an.argument.", "\u547D\u4EE4\u9009\u9879{0}\u9700\u8981\u4E00\u4E2A\u53C2\u6570\u3002"},
-        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
-                "\u8B66\u544A: PKCS12 KeyStore \u4E0D\u652F\u6301\u5176\u4ED6\u5B58\u50A8\u548C\u5BC6\u94A5\u53E3\u4EE4\u3002\u6B63\u5728\u5FFD\u7565\u7528\u6237\u6307\u5B9A\u7684{0}\u503C\u3002"},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "\u5982\u679C -storetype \u4E3A {0}, \u5219 -keystore \u5FC5\u987B\u4E3A NONE"},
-        {"Too.many.retries.program.terminated",
-                 "\u91CD\u8BD5\u6B21\u6570\u8FC7\u591A, \u7A0B\u5E8F\u5DF2\u7EC8\u6B62"},
-        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
-                "\u5982\u679C -storetype \u4E3A {0}, \u5219\u4E0D\u652F\u6301 -storepasswd \u548C -keypasswd \u547D\u4EE4"},
-        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
-                "\u5982\u679C -storetype \u4E3A PKCS12, \u5219\u4E0D\u652F\u6301 -keypasswd \u547D\u4EE4"},
-        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
-                "\u5982\u679C -storetype \u4E3A {0}, \u5219\u4E0D\u80FD\u6307\u5B9A -keypass \u548C -new"},
-        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
-                "\u5982\u679C\u6307\u5B9A\u4E86 -protected, \u5219\u4E0D\u80FD\u6307\u5B9A -storepass, -keypass \u548C -new"},
-        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "\u5982\u679C\u6307\u5B9A\u4E86 -srcprotected, \u5219\u4E0D\u80FD\u6307\u5B9A -srcstorepass \u548C -srckeypass"},
-        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
-                "\u5982\u679C\u5BC6\u94A5\u5E93\u672A\u53D7\u53E3\u4EE4\u4FDD\u62A4, \u5219\u4E0D\u80FD\u6307\u5B9A -storepass, -keypass \u548C -new"},
-        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "\u5982\u679C\u6E90\u5BC6\u94A5\u5E93\u672A\u53D7\u53E3\u4EE4\u4FDD\u62A4, \u5219\u4E0D\u80FD\u6307\u5B9A -srcstorepass \u548C -srckeypass"},
-        {"Illegal.startdate.value", "\u975E\u6CD5\u5F00\u59CB\u65E5\u671F\u503C"},
-        {"Validity.must.be.greater.than.zero",
-                "\u6709\u6548\u671F\u5FC5\u987B\u5927\u4E8E\u96F6"},
-        {"provName.not.a.provider", "{0}\u4E0D\u662F\u63D0\u4F9B\u65B9"},
-        {"Usage.error.no.command.provided", "\u7528\u6CD5\u9519\u8BEF: \u6CA1\u6709\u63D0\u4F9B\u547D\u4EE4"},
-        {"Source.keystore.file.exists.but.is.empty.", "\u6E90\u5BC6\u94A5\u5E93\u6587\u4EF6\u5B58\u5728, \u4F46\u4E3A\u7A7A: "},
-        {"Please.specify.srckeystore", "\u8BF7\u6307\u5B9A -srckeystore"},
-        {"Must.not.specify.both.v.and.rfc.with.list.command",
-                "'list' \u547D\u4EE4\u4E0D\u80FD\u540C\u65F6\u6307\u5B9A -v \u53CA -rfc"},
-        {"Key.password.must.be.at.least.6.characters",
-                "\u5BC6\u94A5\u53E3\u4EE4\u81F3\u5C11\u5FC5\u987B\u4E3A 6 \u4E2A\u5B57\u7B26"},
-        {"New.password.must.be.at.least.6.characters",
-                "\u65B0\u53E3\u4EE4\u81F3\u5C11\u5FC5\u987B\u4E3A 6 \u4E2A\u5B57\u7B26"},
-        {"Keystore.file.exists.but.is.empty.",
-                "\u5BC6\u94A5\u5E93\u6587\u4EF6\u5B58\u5728, \u4F46\u4E3A\u7A7A: "},
-        {"Keystore.file.does.not.exist.",
-                "\u5BC6\u94A5\u5E93\u6587\u4EF6\u4E0D\u5B58\u5728: "},
-        {"Must.specify.destination.alias", "\u5FC5\u987B\u6307\u5B9A\u76EE\u6807\u522B\u540D"},
-        {"Must.specify.alias", "\u5FC5\u987B\u6307\u5B9A\u522B\u540D"},
-        {"Keystore.password.must.be.at.least.6.characters",
-                "\u5BC6\u94A5\u5E93\u53E3\u4EE4\u81F3\u5C11\u5FC5\u987B\u4E3A 6 \u4E2A\u5B57\u7B26"},
-        {"Enter.keystore.password.", "\u8F93\u5165\u5BC6\u94A5\u5E93\u53E3\u4EE4:  "},
-        {"Enter.source.keystore.password.", "\u8F93\u5165\u6E90\u5BC6\u94A5\u5E93\u53E3\u4EE4:  "},
-        {"Enter.destination.keystore.password.", "\u8F93\u5165\u76EE\u6807\u5BC6\u94A5\u5E93\u53E3\u4EE4:  "},
-        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
-         "\u5BC6\u94A5\u5E93\u53E3\u4EE4\u592A\u77ED - \u81F3\u5C11\u5FC5\u987B\u4E3A 6 \u4E2A\u5B57\u7B26"},
-        {"Unknown.Entry.Type", "\u672A\u77E5\u6761\u76EE\u7C7B\u578B"},
-        {"Too.many.failures.Alias.not.changed", "\u6545\u969C\u592A\u591A\u3002\u672A\u66F4\u6539\u522B\u540D"},
-        {"Entry.for.alias.alias.successfully.imported.",
-                 "\u5DF2\u6210\u529F\u5BFC\u5165\u522B\u540D {0} \u7684\u6761\u76EE\u3002"},
-        {"Entry.for.alias.alias.not.imported.", "\u672A\u5BFC\u5165\u522B\u540D {0} \u7684\u6761\u76EE\u3002"},
-        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
-                 "\u5BFC\u5165\u522B\u540D {0} \u7684\u6761\u76EE\u65F6\u51FA\u73B0\u95EE\u9898: {1}\u3002\n\u672A\u5BFC\u5165\u522B\u540D {0} \u7684\u6761\u76EE\u3002"},
-        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
-                 "\u5DF2\u5B8C\u6210\u5BFC\u5165\u547D\u4EE4: {0} \u4E2A\u6761\u76EE\u6210\u529F\u5BFC\u5165, {1} \u4E2A\u6761\u76EE\u5931\u8D25\u6216\u53D6\u6D88"},
-        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
-                 "\u8B66\u544A: \u6B63\u5728\u8986\u76D6\u76EE\u6807\u5BC6\u94A5\u5E93\u4E2D\u7684\u73B0\u6709\u522B\u540D {0}"},
-        {"Existing.entry.alias.alias.exists.overwrite.no.",
-                 "\u5B58\u5728\u73B0\u6709\u6761\u76EE\u522B\u540D {0}, \u662F\u5426\u8986\u76D6? [no]:  "},
-        {"Too.many.failures.try.later", "\u6545\u969C\u592A\u591A - \u8BF7\u7A0D\u540E\u518D\u8BD5"},
-        {"Certification.request.stored.in.file.filename.",
-                "\u5B58\u50A8\u5728\u6587\u4EF6 <{0}> \u4E2D\u7684\u8BA4\u8BC1\u8BF7\u6C42"},
-        {"Submit.this.to.your.CA", "\u5C06\u6B64\u63D0\u4EA4\u7ED9\u60A8\u7684 CA"},
-        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
-            "\u5982\u679C\u6CA1\u6709\u6307\u5B9A\u522B\u540D, \u5219\u4E0D\u80FD\u6307\u5B9A\u76EE\u6807\u522B\u540D, \u6E90\u5BC6\u94A5\u5E93\u53E3\u4EE4\u548C\u76EE\u6807\u5BC6\u94A5\u5E93\u53E3\u4EE4"},
-        {"Certificate.stored.in.file.filename.",
-                "\u5B58\u50A8\u5728\u6587\u4EF6 <{0}> \u4E2D\u7684\u8BC1\u4E66"},
-        {"Certificate.reply.was.installed.in.keystore",
-                "\u8BC1\u4E66\u56DE\u590D\u5DF2\u5B89\u88C5\u5728\u5BC6\u94A5\u5E93\u4E2D"},
-        {"Certificate.reply.was.not.installed.in.keystore",
-                "\u8BC1\u4E66\u56DE\u590D\u672A\u5B89\u88C5\u5728\u5BC6\u94A5\u5E93\u4E2D"},
-        {"Certificate.was.added.to.keystore",
-                "\u8BC1\u4E66\u5DF2\u6DFB\u52A0\u5230\u5BC6\u94A5\u5E93\u4E2D"},
-        {"Certificate.was.not.added.to.keystore",
-                "\u8BC1\u4E66\u672A\u6DFB\u52A0\u5230\u5BC6\u94A5\u5E93\u4E2D"},
-        {".Storing.ksfname.", "[\u6B63\u5728\u5B58\u50A8{0}]"},
-        {"alias.has.no.public.key.certificate.",
-                "{0}\u6CA1\u6709\u516C\u5171\u5BC6\u94A5 (\u8BC1\u4E66)"},
-        {"Cannot.derive.signature.algorithm",
-                "\u65E0\u6CD5\u6D3E\u751F\u7B7E\u540D\u7B97\u6CD5"},
-        {"Alias.alias.does.not.exist",
-                "\u522B\u540D <{0}> \u4E0D\u5B58\u5728"},
-        {"Alias.alias.has.no.certificate",
-                "\u522B\u540D <{0}> \u6CA1\u6709\u8BC1\u4E66"},
-        {"Key.pair.not.generated.alias.alias.already.exists",
-                "\u672A\u751F\u6210\u5BC6\u94A5\u5BF9, \u522B\u540D <{0}> \u5DF2\u7ECF\u5B58\u5728"},
-        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
-                "\u6B63\u5728\u4E3A\u4EE5\u4E0B\u5BF9\u8C61\u751F\u6210 {0} \u4F4D{1}\u5BC6\u94A5\u5BF9\u548C\u81EA\u7B7E\u540D\u8BC1\u4E66 ({2}) (\u6709\u6548\u671F\u4E3A {3} \u5929):\n\t {4}"},
-        {"Enter.key.password.for.alias.", "\u8F93\u5165 <{0}> \u7684\u5BC6\u94A5\u53E3\u4EE4"},
-        {".RETURN.if.same.as.keystore.password.",
-                "\t(\u5982\u679C\u548C\u5BC6\u94A5\u5E93\u53E3\u4EE4\u76F8\u540C, \u6309\u56DE\u8F66):  "},
-        {"Key.password.is.too.short.must.be.at.least.6.characters",
-                "\u5BC6\u94A5\u53E3\u4EE4\u592A\u77ED - \u81F3\u5C11\u5FC5\u987B\u4E3A 6 \u4E2A\u5B57\u7B26"},
-        {"Too.many.failures.key.not.added.to.keystore",
-                "\u6545\u969C\u592A\u591A - \u5BC6\u94A5\u672A\u6DFB\u52A0\u5230\u5BC6\u94A5\u5E93\u4E2D"},
-        {"Destination.alias.dest.already.exists",
-                "\u76EE\u6807\u522B\u540D <{0}> \u5DF2\u7ECF\u5B58\u5728"},
-        {"Password.is.too.short.must.be.at.least.6.characters",
-                "\u53E3\u4EE4\u592A\u77ED - \u81F3\u5C11\u5FC5\u987B\u4E3A 6 \u4E2A\u5B57\u7B26"},
-        {"Too.many.failures.Key.entry.not.cloned",
-                "\u6545\u969C\u592A\u591A\u3002\u672A\u514B\u9686\u5BC6\u94A5\u6761\u76EE"},
-        {"key.password.for.alias.", "<{0}> \u7684\u5BC6\u94A5\u53E3\u4EE4"},
-        {"Keystore.entry.for.id.getName.already.exists",
-                "<{0}> \u7684\u5BC6\u94A5\u5E93\u6761\u76EE\u5DF2\u7ECF\u5B58\u5728"},
-        {"Creating.keystore.entry.for.id.getName.",
-                "\u6B63\u5728\u521B\u5EFA <{0}> \u7684\u5BC6\u94A5\u5E93\u6761\u76EE..."},
-        {"No.entries.from.identity.database.added",
-                "\u672A\u4ECE\u8EAB\u4EFD\u6570\u636E\u5E93\u4E2D\u6DFB\u52A0\u4EFB\u4F55\u6761\u76EE"},
-        {"Alias.name.alias", "\u522B\u540D: {0}"},
-        {"Creation.date.keyStore.getCreationDate.alias.",
-                "\u521B\u5EFA\u65E5\u671F: {0,date}"},
-        {"alias.keyStore.getCreationDate.alias.",
-                "{0}, {1,date}, "},
-        {"alias.", "{0}, "},
-        {"Entry.type.type.", "\u6761\u76EE\u7C7B\u578B: {0}"},
-        {"Certificate.chain.length.", "\u8BC1\u4E66\u94FE\u957F\u5EA6: "},
-        {"Certificate.i.1.", "\u8BC1\u4E66[{0,number,integer}]:"},
-        {"Certificate.fingerprint.SHA1.", "\u8BC1\u4E66\u6307\u7EB9 (SHA1): "},
-        {"Keystore.type.", "\u5BC6\u94A5\u5E93\u7C7B\u578B: "},
-        {"Keystore.provider.", "\u5BC6\u94A5\u5E93\u63D0\u4F9B\u65B9: "},
-        {"Your.keystore.contains.keyStore.size.entry",
-                "\u60A8\u7684\u5BC6\u94A5\u5E93\u5305\u542B {0,number,integer} \u4E2A\u6761\u76EE"},
-        {"Your.keystore.contains.keyStore.size.entries",
-                "\u60A8\u7684\u5BC6\u94A5\u5E93\u5305\u542B {0,number,integer} \u4E2A\u6761\u76EE"},
-        {"Failed.to.parse.input", "\u65E0\u6CD5\u5BF9\u8F93\u5165\u8FDB\u884C\u8BED\u6CD5\u5206\u6790"},
-        {"Empty.input", "\u7A7A\u8F93\u5165"},
-        {"Not.X.509.certificate", "\u975E X.509 \u8BC1\u4E66"},
-        {"alias.has.no.public.key", "{0}\u6CA1\u6709\u516C\u5171\u5BC6\u94A5"},
-        {"alias.has.no.X.509.certificate", "{0}\u6CA1\u6709 X.509 \u8BC1\u4E66"},
-        {"New.certificate.self.signed.", "\u65B0\u8BC1\u4E66 (\u81EA\u7B7E\u540D):"},
-        {"Reply.has.no.certificates", "\u56DE\u590D\u4E2D\u6CA1\u6709\u8BC1\u4E66"},
-        {"Certificate.not.imported.alias.alias.already.exists",
-                "\u8BC1\u4E66\u672A\u5BFC\u5165, \u522B\u540D <{0}> \u5DF2\u7ECF\u5B58\u5728"},
-        {"Input.not.an.X.509.certificate", "\u6240\u8F93\u5165\u7684\u4E0D\u662F X.509 \u8BC1\u4E66"},
-        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
-                "\u5728\u522B\u540D <{0}> \u4E4B\u4E0B, \u8BC1\u4E66\u5DF2\u7ECF\u5B58\u5728\u4E8E\u5BC6\u94A5\u5E93\u4E2D"},
-        {"Do.you.still.want.to.add.it.no.",
-                "\u662F\u5426\u4ECD\u8981\u6DFB\u52A0? [no]:  "},
-        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
-                "\u5728\u522B\u540D <{0}> \u4E4B\u4E0B, \u8BC1\u4E66\u5DF2\u7ECF\u5B58\u5728\u4E8E\u7CFB\u7EDF\u8303\u56F4\u7684 CA \u5BC6\u94A5\u5E93\u4E2D"},
-        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
-                "\u662F\u5426\u4ECD\u8981\u5C06\u5B83\u6DFB\u52A0\u5230\u81EA\u5DF1\u7684\u5BC6\u94A5\u5E93? [no]:  "},
-        {"Trust.this.certificate.no.", "\u662F\u5426\u4FE1\u4EFB\u6B64\u8BC1\u4E66? [no]:  "},
-        {"YES", "\u662F"},
-        {"New.prompt.", "\u65B0{0}: "},
-        {"Passwords.must.differ", "\u53E3\u4EE4\u4E0D\u80FD\u76F8\u540C"},
-        {"Re.enter.new.prompt.", "\u91CD\u65B0\u8F93\u5165\u65B0{0}: "},
-        {"Re.enter.new.password.", "\u518D\u6B21\u8F93\u5165\u65B0\u53E3\u4EE4: "},
-        {"They.don.t.match.Try.again", "\u5B83\u4EEC\u4E0D\u5339\u914D\u3002\u8BF7\u91CD\u8BD5"},
-        {"Enter.prompt.alias.name.", "\u8F93\u5165{0}\u522B\u540D:  "},
-        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
-                 "\u8F93\u5165\u65B0\u7684\u522B\u540D\t(\u6309\u56DE\u8F66\u4EE5\u53D6\u6D88\u5BF9\u6B64\u6761\u76EE\u7684\u5BFC\u5165):  "},
-        {"Enter.alias.name.", "\u8F93\u5165\u522B\u540D:  "},
-        {".RETURN.if.same.as.for.otherAlias.",
-                "\t(\u5982\u679C\u548C <{0}> \u76F8\u540C, \u5219\u6309\u56DE\u8F66)"},
-        {".PATTERN.printX509Cert",
-                "\u6240\u6709\u8005: {0}\n\u53D1\u5E03\u8005: {1}\n\u5E8F\u5217\u53F7: {2}\n\u6709\u6548\u671F\u5F00\u59CB\u65E5\u671F: {3}, \u622A\u6B62\u65E5\u671F: {4}\n\u8BC1\u4E66\u6307\u7EB9:\n\t MD5: {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t \u7B7E\u540D\u7B97\u6CD5\u540D\u79F0: {8}\n\t \u7248\u672C: {9}"},
-        {"What.is.your.first.and.last.name.",
-                "\u60A8\u7684\u540D\u5B57\u4E0E\u59D3\u6C0F\u662F\u4EC0\u4E48?"},
-        {"What.is.the.name.of.your.organizational.unit.",
-                "\u60A8\u7684\u7EC4\u7EC7\u5355\u4F4D\u540D\u79F0\u662F\u4EC0\u4E48?"},
-        {"What.is.the.name.of.your.organization.",
-                "\u60A8\u7684\u7EC4\u7EC7\u540D\u79F0\u662F\u4EC0\u4E48?"},
-        {"What.is.the.name.of.your.City.or.Locality.",
-                "\u60A8\u6240\u5728\u7684\u57CE\u5E02\u6216\u533A\u57DF\u540D\u79F0\u662F\u4EC0\u4E48?"},
-        {"What.is.the.name.of.your.State.or.Province.",
-                "\u60A8\u6240\u5728\u7684\u7701/\u5E02/\u81EA\u6CBB\u533A\u540D\u79F0\u662F\u4EC0\u4E48?"},
-        {"What.is.the.two.letter.country.code.for.this.unit.",
-                "\u8BE5\u5355\u4F4D\u7684\u53CC\u5B57\u6BCD\u56FD\u5BB6/\u5730\u533A\u4EE3\u7801\u662F\u4EC0\u4E48?"},
-        {"Is.name.correct.", "{0}\u662F\u5426\u6B63\u786E?"},
-        {"no", "\u5426"},
-        {"yes", "\u662F"},
-        {"y", "y"},
-        {".defaultValue.", "  [{0}]:  "},
-        {"Alias.alias.has.no.key",
-                "\u522B\u540D <{0}> \u6CA1\u6709\u5BC6\u94A5"},
-        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
-                 "\u522B\u540D <{0}> \u5F15\u7528\u4E86\u4E0D\u5C5E\u4E8E\u79C1\u6709\u5BC6\u94A5\u6761\u76EE\u7684\u6761\u76EE\u7C7B\u578B\u3002-keyclone \u547D\u4EE4\u4EC5\u652F\u6301\u5BF9\u79C1\u6709\u5BC6\u94A5\u6761\u76EE\u7684\u514B\u9686"},
-
-        {".WARNING.WARNING.WARNING.",
-            "*****************  \u8B66\u544A \u8B66\u544A \u8B66\u544A  *****************"},
-        {"Signer.d.", "\u7B7E\u540D\u8005 #%d:"},
-        {"Timestamp.", "\u65F6\u95F4\u6233:"},
-        {"Signature.", "\u7B7E\u540D:"},
-        {"CRLs.", "CRL:"},
-        {"Certificate.owner.", "\u8BC1\u4E66\u6240\u6709\u8005: "},
-        {"Not.a.signed.jar.file", "\u4E0D\u662F\u5DF2\u7B7E\u540D\u7684 jar \u6587\u4EF6"},
-        {"No.certificate.from.the.SSL.server",
-                "\u6CA1\u6709\u6765\u81EA SSL \u670D\u52A1\u5668\u7684\u8BC1\u4E66"},
-
-        {".The.integrity.of.the.information.stored.in.your.keystore.",
-            "* \u5B58\u50A8\u5728\u60A8\u7684\u5BC6\u94A5\u5E93\u4E2D\u7684\u4FE1\u606F\u7684\u5B8C\u6574\u6027  *\n* \u5C1A\u672A\u7ECF\u8FC7\u9A8C\u8BC1!  \u4E3A\u4E86\u9A8C\u8BC1\u5176\u5B8C\u6574\u6027, *\n* \u5FC5\u987B\u63D0\u4F9B\u5BC6\u94A5\u5E93\u53E3\u4EE4\u3002                  *"},
-        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
-            "* \u5B58\u50A8\u5728 srckeystore \u4E2D\u7684\u4FE1\u606F\u7684\u5B8C\u6574\u6027*\n* \u5C1A\u672A\u7ECF\u8FC7\u9A8C\u8BC1!  \u4E3A\u4E86\u9A8C\u8BC1\u5176\u5B8C\u6574\u6027, *\n* \u5FC5\u987B\u63D0\u4F9B\u6E90\u5BC6\u94A5\u5E93\u53E3\u4EE4\u3002                  *"},
-
-        {"Certificate.reply.does.not.contain.public.key.for.alias.",
-                "\u8BC1\u4E66\u56DE\u590D\u4E2D\u4E0D\u5305\u542B <{0}> \u7684\u516C\u5171\u5BC6\u94A5"},
-        {"Incomplete.certificate.chain.in.reply",
-                "\u56DE\u590D\u4E2D\u7684\u8BC1\u4E66\u94FE\u4E0D\u5B8C\u6574"},
-        {"Certificate.chain.in.reply.does.not.verify.",
-                "\u56DE\u590D\u4E2D\u7684\u8BC1\u4E66\u94FE\u672A\u9A8C\u8BC1: "},
-        {"Top.level.certificate.in.reply.",
-                "\u56DE\u590D\u4E2D\u7684\u9876\u7EA7\u8BC1\u4E66:\n"},
-        {".is.not.trusted.", "... \u662F\u4E0D\u53EF\u4FE1\u7684\u3002"},
-        {"Install.reply.anyway.no.", "\u662F\u5426\u4ECD\u8981\u5B89\u88C5\u56DE\u590D? [no]:  "},
-        {"NO", "\u5426"},
-        {"Public.keys.in.reply.and.keystore.don.t.match",
-                "\u56DE\u590D\u4E2D\u7684\u516C\u5171\u5BC6\u94A5\u4E0E\u5BC6\u94A5\u5E93\u4E0D\u5339\u914D"},
-        {"Certificate.reply.and.certificate.in.keystore.are.identical",
-                "\u8BC1\u4E66\u56DE\u590D\u4E0E\u5BC6\u94A5\u5E93\u4E2D\u7684\u8BC1\u4E66\u662F\u76F8\u540C\u7684"},
-        {"Failed.to.establish.chain.from.reply",
-                "\u65E0\u6CD5\u4ECE\u56DE\u590D\u4E2D\u5EFA\u7ACB\u94FE"},
-        {"n", "n"},
-        {"Wrong.answer.try.again", "\u9519\u8BEF\u7684\u7B54\u6848, \u8BF7\u518D\u8BD5\u4E00\u6B21"},
-        {"Secret.key.not.generated.alias.alias.already.exists",
-                "\u6CA1\u6709\u751F\u6210\u5BC6\u94A5, \u522B\u540D <{0}> \u5DF2\u7ECF\u5B58\u5728"},
-        {"Please.provide.keysize.for.secret.key.generation",
-                "\u8BF7\u63D0\u4F9B -keysize \u4EE5\u751F\u6210\u5BF9\u79F0\u5BC6\u94A5"},
-
-        {"Extensions.", "\u6269\u5C55: "},
-        {".Empty.value.", "(\u7A7A\u503C)"},
-        {"Extension.Request.", "\u6269\u5C55\u8BF7\u6C42:"},
-        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
-                "PKCS #10 \u8BC1\u4E66\u8BF7\u6C42 (\u7248\u672C 1.0)\n\u4E3B\u9898: %s\n\u516C\u5171\u5BC6\u94A5: %s \u683C\u5F0F %s \u5BC6\u94A5\n"},
-        {"Unknown.keyUsage.type.", "\u672A\u77E5 keyUsage \u7C7B\u578B: "},
-        {"Unknown.extendedkeyUsage.type.", "\u672A\u77E5 extendedkeyUsage \u7C7B\u578B: "},
-        {"Unknown.AccessDescription.type.", "\u672A\u77E5 AccessDescription \u7C7B\u578B: "},
-        {"Unrecognized.GeneralName.type.", "\u65E0\u6CD5\u8BC6\u522B\u7684 GeneralName \u7C7B\u578B: "},
-        {"This.extension.cannot.be.marked.as.critical.",
-                 "\u65E0\u6CD5\u5C06\u6B64\u6269\u5C55\u6807\u8BB0\u4E3A\u201C\u4E25\u91CD\u201D\u3002"},
-        {"Odd.number.of.hex.digits.found.", "\u627E\u5230\u5947\u6570\u4E2A\u5341\u516D\u8FDB\u5236\u6570\u5B57: "},
-        {"Unknown.extension.type.", "\u672A\u77E5\u6269\u5C55\u7C7B\u578B: "},
-        {"command.{0}.is.ambiguous.", "\u547D\u4EE4{0}\u4E0D\u660E\u786E:"},
-
-        // policytool
-        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
-                "\u8B66\u544A: \u522B\u540D {0} \u7684\u516C\u5171\u5BC6\u94A5\u4E0D\u5B58\u5728\u3002\u8BF7\u786E\u4FDD\u5DF2\u6B63\u786E\u914D\u7F6E KeyStore\u3002"},
-        {"Warning.Class.not.found.class", "\u8B66\u544A: \u627E\u4E0D\u5230\u7C7B: {0}"},
-        {"Warning.Invalid.argument.s.for.constructor.arg",
-                "\u8B66\u544A: \u6784\u9020\u5668\u7684\u53C2\u6570\u65E0\u6548: {0}"},
-        {"Illegal.Principal.Type.type", "\u975E\u6CD5\u7684\u4E3B\u7528\u6237\u7C7B\u578B: {0}"},
-        {"Illegal.option.option", "\u975E\u6CD5\u9009\u9879: {0}"},
-        {"Usage.policytool.options.", "\u7528\u6CD5: policytool [\u9009\u9879]"},
-        {".file.file.policy.file.location",
-                "  [-file <file>]    \u7B56\u7565\u6587\u4EF6\u4F4D\u7F6E"},
-        {"New", "\u65B0\u5EFA"},
-        {"Open", "\u6253\u5F00"},
-        {"Save", "\u4FDD\u5B58"},
-        {"Save.As", "\u53E6\u5B58\u4E3A"},
-        {"View.Warning.Log", "\u67E5\u770B\u8B66\u544A\u65E5\u5FD7"},
-        {"Exit", "\u9000\u51FA"},
-        {"Add.Policy.Entry", "\u6DFB\u52A0\u7B56\u7565\u6761\u76EE"},
-        {"Edit.Policy.Entry", "\u7F16\u8F91\u7B56\u7565\u6761\u76EE"},
-        {"Remove.Policy.Entry", "\u5220\u9664\u7B56\u7565\u6761\u76EE"},
-        {"Edit", "\u7F16\u8F91"},
-        {"Retain", "\u4FDD\u7559"},
-
-        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
-            "\u8B66\u544A: \u6587\u4EF6\u540D\u5305\u542B\u8F6C\u4E49\u7684\u53CD\u659C\u6760\u5B57\u7B26\u3002\u4E0D\u9700\u8981\u5BF9\u53CD\u659C\u6760\u5B57\u7B26\u8FDB\u884C\u8F6C\u4E49 (\u8BE5\u5DE5\u5177\u5728\u5C06\u7B56\u7565\u5185\u5BB9\u5199\u5165\u6C38\u4E45\u5B58\u50A8\u65F6\u4F1A\u6839\u636E\u9700\u8981\u5BF9\u5B57\u7B26\u8FDB\u884C\u8F6C\u4E49)\u3002\n\n\u5355\u51FB\u201C\u4FDD\u7559\u201D\u53EF\u4FDD\u7559\u8F93\u5165\u7684\u540D\u79F0, \u6216\u8005\u5355\u51FB\u201C\u7F16\u8F91\u201D\u53EF\u7F16\u8F91\u8BE5\u540D\u79F0\u3002"},
-
-        {"Add.Public.Key.Alias", "\u6DFB\u52A0\u516C\u5171\u5BC6\u94A5\u522B\u540D"},
-        {"Remove.Public.Key.Alias", "\u5220\u9664\u516C\u5171\u5BC6\u94A5\u522B\u540D"},
-        {"File", "\u6587\u4EF6"},
-        {"KeyStore", "KeyStore"},
-        {"Policy.File.", "\u7B56\u7565\u6587\u4EF6:"},
-        {"Could.not.open.policy.file.policyFile.e.toString.",
-                "\u65E0\u6CD5\u6253\u5F00\u7B56\u7565\u6587\u4EF6: {0}: {1}"},
-        {"Policy.Tool", "\u7B56\u7565\u5DE5\u5177"},
-        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
-                "\u6253\u5F00\u7B56\u7565\u914D\u7F6E\u65F6\u51FA\u9519\u3002\u6709\u5173\u8BE6\u7EC6\u4FE1\u606F, \u8BF7\u67E5\u770B\u8B66\u544A\u65E5\u5FD7\u3002"},
-        {"Error", "\u9519\u8BEF"},
-        {"OK", "\u786E\u5B9A"},
-        {"Status", "\u72B6\u6001"},
-        {"Warning", "\u8B66\u544A"},
-        {"Permission.",
-                "\u6743\u9650:                                                       "},
-        {"Principal.Type.", "\u4E3B\u7528\u6237\u7C7B\u578B:"},
-        {"Principal.Name.", "\u4E3B\u7528\u6237\u540D\u79F0:"},
-        {"Target.Name.",
-                "\u76EE\u6807\u540D\u79F0:                                                    "},
-        {"Actions.",
-                "\u64CD\u4F5C:                                                             "},
-        {"OK.to.overwrite.existing.file.filename.",
-                "\u786E\u8BA4\u8986\u76D6\u73B0\u6709\u7684\u6587\u4EF6{0}?"},
-        {"Cancel", "\u53D6\u6D88"},
-        {"CodeBase.", "CodeBase:"},
-        {"SignedBy.", "SignedBy:"},
-        {"Add.Principal", "\u6DFB\u52A0\u4E3B\u7528\u6237"},
-        {"Edit.Principal", "\u7F16\u8F91\u4E3B\u7528\u6237"},
-        {"Remove.Principal", "\u5220\u9664\u4E3B\u7528\u6237"},
-        {"Principals.", "\u4E3B\u7528\u6237:"},
-        {".Add.Permission", "  \u6DFB\u52A0\u6743\u9650"},
-        {".Edit.Permission", "  \u7F16\u8F91\u6743\u9650"},
-        {"Remove.Permission", "\u5220\u9664\u6743\u9650"},
-        {"Done", "\u5B8C\u6210"},
-        {"KeyStore.URL.", "KeyStore URL:"},
-        {"KeyStore.Type.", "KeyStore \u7C7B\u578B:"},
-        {"KeyStore.Provider.", "KeyStore \u63D0\u4F9B\u65B9:"},
-        {"KeyStore.Password.URL.", "KeyStore \u53E3\u4EE4 URL:"},
-        {"Principals", "\u4E3B\u7528\u6237"},
-        {".Edit.Principal.", "  \u7F16\u8F91\u4E3B\u7528\u6237:"},
-        {".Add.New.Principal.", "  \u6DFB\u52A0\u65B0\u4E3B\u7528\u6237:"},
-        {"Permissions", "\u6743\u9650"},
-        {".Edit.Permission.", "  \u7F16\u8F91\u6743\u9650:"},
-        {".Add.New.Permission.", "  \u52A0\u5165\u65B0\u7684\u6743\u9650:"},
-        {"Signed.By.", "\u7B7E\u7F72\u4EBA: "},
-        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
-            "\u6CA1\u6709\u901A\u914D\u7B26\u540D\u79F0, \u65E0\u6CD5\u4F7F\u7528\u901A\u914D\u7B26\u7C7B\u6307\u5B9A\u4E3B\u7528\u6237"},
-        {"Cannot.Specify.Principal.without.a.Name",
-            "\u6CA1\u6709\u540D\u79F0, \u65E0\u6CD5\u6307\u5B9A\u4E3B\u7528\u6237"},
-        {"Permission.and.Target.Name.must.have.a.value",
-                "\u6743\u9650\u53CA\u76EE\u6807\u540D\u5FC5\u987B\u6709\u4E00\u4E2A\u503C"},
-        {"Remove.this.Policy.Entry.", "\u662F\u5426\u5220\u9664\u6B64\u7B56\u7565\u6761\u76EE?"},
-        {"Overwrite.File", "\u8986\u76D6\u6587\u4EF6"},
-        {"Policy.successfully.written.to.filename",
-                "\u7B56\u7565\u5DF2\u6210\u529F\u5199\u5165\u5230{0}"},
-        {"null.filename", "\u7A7A\u6587\u4EF6\u540D"},
-        {"Save.changes.", "\u662F\u5426\u4FDD\u5B58\u6240\u505A\u7684\u66F4\u6539?"},
-        {"Yes", "\u662F"},
-        {"No", "\u5426"},
-        {"Policy.Entry", "\u7B56\u7565\u6761\u76EE"},
-        {"Save.Changes", "\u4FDD\u5B58\u66F4\u6539"},
-        {"No.Policy.Entry.selected", "\u6CA1\u6709\u9009\u62E9\u7B56\u7565\u6761\u76EE"},
-        {"Unable.to.open.KeyStore.ex.toString.",
-                "\u65E0\u6CD5\u6253\u5F00 KeyStore: {0}"},
-        {"No.principal.selected", "\u672A\u9009\u62E9\u4E3B\u7528\u6237"},
-        {"No.permission.selected", "\u6CA1\u6709\u9009\u62E9\u6743\u9650"},
-        {"name", "\u540D\u79F0"},
-        {"configuration.type", "\u914D\u7F6E\u7C7B\u578B"},
-        {"environment.variable.name", "\u73AF\u5883\u53D8\u91CF\u540D"},
-        {"library.name", "\u5E93\u540D\u79F0"},
-        {"package.name", "\u7A0B\u5E8F\u5305\u540D\u79F0"},
-        {"policy.type", "\u7B56\u7565\u7C7B\u578B"},
-        {"property.name", "\u5C5E\u6027\u540D\u79F0"},
-        {"Principal.List", "\u4E3B\u7528\u6237\u5217\u8868"},
-        {"Permission.List", "\u6743\u9650\u5217\u8868"},
-        {"Code.Base", "\u4EE3\u7801\u5E93"},
-        {"KeyStore.U.R.L.", "KeyStore URL:"},
-        {"KeyStore.Password.U.R.L.", "KeyStore \u53E3\u4EE4 URL:"},
-
-
         // javax.security.auth.PrivateCredentialPermission
         {"invalid.null.input.s.", "\u65E0\u6548\u7684\u7A7A\u8F93\u5165"},
         {"actions.can.only.be.read.", "\u64CD\u4F5C\u53EA\u80FD\u4E3A '\u8BFB\u53D6'"},
@@ -553,6 +58,7 @@
         {"provided.null.OID.map", "\u63D0\u4F9B\u7684 OID \u6620\u5C04\u4E3A\u7A7A\u503C"},
 
         // javax.security.auth.Subject
+        {"NEWLINE", "\n"},
         {"invalid.null.AccessControlContext.provided",
                 "\u63D0\u4F9B\u4E86\u65E0\u6548\u7684\u7A7A AccessControlContext"},
         {"invalid.null.action.provided", "\u63D0\u4F9B\u4E86\u65E0\u6548\u7684\u7A7A\u64CD\u4F5C"},
@@ -656,6 +162,7 @@
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }
--- a/jdk/src/share/classes/sun/security/util/Resources_zh_TW.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/src/share/classes/sun/security/util/Resources_zh_TW.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,501 +34,6 @@
 
     private static final Object[][] contents = {
 
-        // shared (from jarsigner)
-        {"SPACE", " "},
-        {"2SPACE", "  "},
-        {"6SPACE", "      "},
-        {"COMMA", ", "},
-        // shared (from keytool)
-        {"NEWLINE", "\n"},
-        {"STAR",
-                "*******************************************"},
-        {"STARNN",
-                "*******************************************\n\n"},
-
-        // keytool: Help part
-// "Option" should be translated.
-        {".OPTION.", " [\u9078\u9805]..."},
-        {"Options.", "\u9078\u9805:"},
-        {"Use.keytool.help.for.all.available.commands",
-                 "\u4F7F\u7528 \"keytool -help\" \u53D6\u5F97\u6240\u6709\u53EF\u7528\u7684\u547D\u4EE4"},
-        {"Key.and.Certificate.Management.Tool",
-                 "\u91D1\u9470\u8207\u6191\u8B49\u7BA1\u7406\u5DE5\u5177"},
-        {"Commands.", "\u547D\u4EE4:"},
-        {"Use.keytool.command.name.help.for.usage.of.command.name",
-                "\u4F7F\u7528 \"keytool -command_name -help\" \u53D6\u5F97 command_name \u7684\u7528\u6CD5"},
-        // keytool: help: commands
-        {"Generates.a.certificate.request",
-                "\u7522\u751F\u6191\u8B49\u8981\u6C42"}, //-certreq
-        {"Changes.an.entry.s.alias",
-                "\u8B8A\u66F4\u9805\u76EE\u7684\u5225\u540D"}, //-changealias
-        {"Deletes.an.entry",
-                "\u522A\u9664\u9805\u76EE"}, //-delete
-        {"Exports.certificate",
-                "\u532F\u51FA\u6191\u8B49"}, //-exportcert
-        {"Generates.a.key.pair",
-                "\u7522\u751F\u91D1\u9470\u7D44"}, //-genkeypair
-// translation of "secret" key should be different to "private" key.
-        {"Generates.a.secret.key",
-                "\u7522\u751F\u79D8\u5BC6\u91D1\u9470"}, //-genseckey
-        {"Generates.certificate.from.a.certificate.request",
-                "\u5F9E\u6191\u8B49\u8981\u6C42\u7522\u751F\u6191\u8B49"}, //-gencert
-        {"Generates.CRL", "\u7522\u751F CRL"}, //-gencrl
-        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
-                "\u5F9E JDK 1.1.x-style \u8B58\u5225\u8CC7\u6599\u5EAB\u532F\u5165\u9805\u76EE"}, //-identitydb
-        {"Imports.a.certificate.or.a.certificate.chain",
-                "\u532F\u5165\u6191\u8B49\u6216\u6191\u8B49\u93C8"}, //-importcert
-        {"Imports.one.or.all.entries.from.another.keystore",
-                "\u5F9E\u5176\u4ED6\u91D1\u9470\u5132\u5B58\u5EAB\u532F\u5165\u4E00\u500B\u6216\u5168\u90E8\u9805\u76EE"}, //-importkeystore
-        {"Clones.a.key.entry",
-                "\u8907\u88FD\u91D1\u9470\u9805\u76EE"}, //-keyclone
-        {"Changes.the.key.password.of.an.entry",
-                "\u8B8A\u66F4\u9805\u76EE\u7684\u91D1\u9470\u5BC6\u78BC"}, //-keypasswd
-        {"Lists.entries.in.a.keystore",
-                "\u5217\u793A\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684\u9805\u76EE"}, //-list
-        {"Prints.the.content.of.a.certificate",
-                "\u5217\u5370\u6191\u8B49\u7684\u5167\u5BB9"}, //-printcert
-        {"Prints.the.content.of.a.certificate.request",
-                "\u5217\u5370\u6191\u8B49\u8981\u6C42\u7684\u5167\u5BB9"}, //-printcertreq
-        {"Prints.the.content.of.a.CRL.file",
-                "\u5217\u5370 CRL \u6A94\u6848\u7684\u5167\u5BB9"}, //-printcrl
-        {"Generates.a.self.signed.certificate",
-                "\u7522\u751F\u81EA\u884C\u7C3D\u7F72\u7684\u6191\u8B49"}, //-selfcert
-        {"Changes.the.store.password.of.a.keystore",
-                "\u8B8A\u66F4\u91D1\u9470\u5132\u5B58\u5EAB\u7684\u5132\u5B58\u5BC6\u78BC"}, //-storepasswd
-        // keytool: help: options
-        {"alias.name.of.the.entry.to.process",
-                "\u8981\u8655\u7406\u9805\u76EE\u7684\u5225\u540D\u540D\u7A31"}, //-alias
-        {"destination.alias",
-                "\u76EE\u7684\u5730\u5225\u540D"}, //-destalias
-        {"destination.key.password",
-                "\u76EE\u7684\u5730\u91D1\u9470\u5BC6\u78BC"}, //-destkeypass
-        {"destination.keystore.name",
-                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u540D\u7A31"}, //-destkeystore
-        {"destination.keystore.password.protected",
-                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u4FDD\u8B77"}, //-destprotected
-        {"destination.keystore.provider.name",
-                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u63D0\u4F9B\u8005\u540D\u7A31"}, //-destprovidername
-        {"destination.keystore.password",
-                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC"}, //-deststorepass
-        {"destination.keystore.type",
-                "\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B"}, //-deststoretype
-        {"distinguished.name",
-                "\u8FA8\u5225\u540D\u7A31"}, //-dname
-        {"X.509.extension",
-                "X.509 \u64F4\u5145\u5957\u4EF6"}, //-ext
-        {"output.file.name",
-                "\u8F38\u51FA\u6A94\u6848\u540D\u7A31"}, //-file and -outfile
-        {"input.file.name",
-                "\u8F38\u5165\u6A94\u6848\u540D\u7A31"}, //-file and -infile
-        {"key.algorithm.name",
-                "\u91D1\u9470\u6F14\u7B97\u6CD5\u540D\u7A31"}, //-keyalg
-        {"key.password",
-                "\u91D1\u9470\u5BC6\u78BC"}, //-keypass
-        {"key.bit.size",
-                "\u91D1\u9470\u4F4D\u5143\u5927\u5C0F"}, //-keysize
-        {"keystore.name",
-                "\u91D1\u9470\u5132\u5B58\u5EAB\u540D\u7A31"}, //-keystore
-        {"new.password",
-                "\u65B0\u5BC6\u78BC"}, //-new
-        {"do.not.prompt",
-                "\u4E0D\u8981\u63D0\u793A"}, //-noprompt
-        {"password.through.protected.mechanism",
-                "\u7D93\u7531\u4FDD\u8B77\u6A5F\u5236\u7684\u5BC6\u78BC"}, //-protected
-        {"provider.argument",
-                "\u63D0\u4F9B\u8005\u5F15\u6578"}, //-providerarg
-        {"provider.class.name",
-                "\u63D0\u4F9B\u8005\u985E\u5225\u540D\u7A31"}, //-providerclass
-        {"provider.name",
-                "\u63D0\u4F9B\u8005\u540D\u7A31"}, //-providername
-        {"provider.classpath",
-                "\u63D0\u4F9B\u8005\u985E\u5225\u8DEF\u5F91"}, //-providerpath
-        {"output.in.RFC.style",
-                "\u4EE5 RFC \u6A23\u5F0F\u8F38\u51FA"}, //-rfc
-        {"signature.algorithm.name",
-                "\u7C3D\u7AE0\u6F14\u7B97\u6CD5\u540D\u7A31"}, //-sigalg
-        {"source.alias",
-                "\u4F86\u6E90\u5225\u540D"}, //-srcalias
-        {"source.key.password",
-                "\u4F86\u6E90\u91D1\u9470\u5BC6\u78BC"}, //-srckeypass
-        {"source.keystore.name",
-                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u540D\u7A31"}, //-srckeystore
-        {"source.keystore.password.protected",
-                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u4FDD\u8B77"}, //-srcprotected
-        {"source.keystore.provider.name",
-                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u63D0\u4F9B\u8005\u540D\u7A31"}, //-srcprovidername
-        {"source.keystore.password",
-                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC"}, //-srcstorepass
-        {"source.keystore.type",
-                "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B"}, //-srcstoretype
-        {"SSL.server.host.and.port",
-                "SSL \u4F3A\u670D\u5668\u4E3B\u6A5F\u8207\u9023\u63A5\u57E0"}, //-sslserver
-        {"signed.jar.file",
-                "\u7C3D\u7F72\u7684 jar \u6A94\u6848"}, //=jarfile
-        {"certificate.validity.start.date.time",
-                "\u6191\u8B49\u6709\u6548\u6027\u958B\u59CB\u65E5\u671F/\u6642\u9593"}, //-startdate
-        {"keystore.password",
-                "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC"}, //-storepass
-        {"keystore.type",
-                "\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B"}, //-storetype
-        {"trust.certificates.from.cacerts",
-                "\u4F86\u81EA cacerts \u7684\u4FE1\u4EFB\u6191\u8B49"}, //-trustcacerts
-        {"verbose.output",
-                "\u8A73\u7D30\u8CC7\u8A0A\u8F38\u51FA"}, //-v
-        {"validity.number.of.days",
-                "\u6709\u6548\u6027\u65E5\u6578"}, //-validity
-        {"Serial.ID.of.cert.to.revoke",
-                 "\u8981\u64A4\u92B7\u6191\u8B49\u7684\u5E8F\u5217 ID"}, //-id
-        // keytool: Running part
-        {"keytool.error.", "\u91D1\u9470\u5DE5\u5177\u932F\u8AA4: "},
-        {"Illegal.option.", "\u7121\u6548\u7684\u9078\u9805:"},
-        {"Illegal.value.", "\u7121\u6548\u503C: "},
-        {"Unknown.password.type.", "\u4E0D\u660E\u7684\u5BC6\u78BC\u985E\u578B: "},
-        {"Cannot.find.environment.variable.",
-                "\u627E\u4E0D\u5230\u74B0\u5883\u8B8A\u6578: "},
-        {"Cannot.find.file.", "\u627E\u4E0D\u5230\u6A94\u6848: "},
-        {"Command.option.flag.needs.an.argument.", "\u547D\u4EE4\u9078\u9805 {0} \u9700\u8981\u5F15\u6578\u3002"},
-        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
-                "\u8B66\u544A: PKCS12 \u91D1\u9470\u5132\u5B58\u5EAB\u4E0D\u652F\u63F4\u4E0D\u540C\u7684\u5132\u5B58\u5EAB\u548C\u91D1\u9470\u5BC6\u78BC\u3002\u5FFD\u7565\u4F7F\u7528\u8005\u6307\u5B9A\u7684 {0} \u503C\u3002"},
-        {".keystore.must.be.NONE.if.storetype.is.{0}",
-                "\u5982\u679C -storetype \u70BA {0}\uFF0C\u5247 -keystore \u5FC5\u9808\u70BA NONE"},
-        {"Too.many.retries.program.terminated",
-                 "\u91CD\u8A66\u6B21\u6578\u592A\u591A\uFF0C\u7A0B\u5F0F\u5DF2\u7D42\u6B62"},
-        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
-                "\u5982\u679C -storetype \u70BA {0}\uFF0C\u5247\u4E0D\u652F\u63F4 -storepasswd \u548C -keypasswd \u547D\u4EE4"},
-        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
-                "\u5982\u679C -storetype \u70BA PKCS12\uFF0C\u5247\u4E0D\u652F\u63F4 -keypasswd \u547D\u4EE4"},
-        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
-                "\u5982\u679C -storetype \u70BA {0}\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -keypass \u548C -new"},
-        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
-                "\u5982\u679C\u6307\u5B9A -protected\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -storepass\u3001-keypass \u548C -new"},
-        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "\u5982\u679C\u6307\u5B9A -srcprotected\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -srcstorepass \u548C -srckeypass"},
-        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
-                "\u5982\u679C\u91D1\u9470\u5132\u5B58\u5EAB\u4E0D\u53D7\u5BC6\u78BC\u4FDD\u8B77\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -storepass\u3001-keypass \u548C -new"},
-        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
-                "\u5982\u679C\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u4E0D\u53D7\u5BC6\u78BC\u4FDD\u8B77\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A -srcstorepass \u548C -srckeypass"},
-        {"Illegal.startdate.value", "\u7121\u6548\u7684 startdate \u503C"},
-        {"Validity.must.be.greater.than.zero",
-                "\u6709\u6548\u6027\u5FC5\u9808\u5927\u65BC\u96F6"},
-        {"provName.not.a.provider", "{0} \u4E0D\u662F\u4E00\u500B\u63D0\u4F9B\u8005"},
-        {"Usage.error.no.command.provided", "\u7528\u6CD5\u932F\u8AA4: \u672A\u63D0\u4F9B\u547D\u4EE4"},
-        {"Source.keystore.file.exists.but.is.empty.", "\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u6A94\u6848\u5B58\u5728\uFF0C\u4F46\u70BA\u7A7A: "},
-        {"Please.specify.srckeystore", "\u8ACB\u6307\u5B9A -srckeystore"},
-        {"Must.not.specify.both.v.and.rfc.with.list.command",
-                " 'list' \u547D\u4EE4\u4E0D\u80FD\u540C\u6642\u6307\u5B9A -v \u53CA -rfc"},
-        {"Key.password.must.be.at.least.6.characters",
-                "\u91D1\u9470\u5BC6\u78BC\u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
-        {"New.password.must.be.at.least.6.characters",
-                "\u65B0\u7684\u5BC6\u78BC\u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
-        {"Keystore.file.exists.but.is.empty.",
-                "\u91D1\u9470\u5132\u5B58\u5EAB\u6A94\u6848\u5B58\u5728\uFF0C\u4F46\u70BA\u7A7A\u767D: "},
-        {"Keystore.file.does.not.exist.",
-                "\u91D1\u9470\u5132\u5B58\u5EAB\u6A94\u6848\u4E0D\u5B58\u5728: "},
-        {"Must.specify.destination.alias", "\u5FC5\u9808\u6307\u5B9A\u76EE\u7684\u5730\u5225\u540D"},
-        {"Must.specify.alias", "\u5FC5\u9808\u6307\u5B9A\u5225\u540D"},
-        {"Keystore.password.must.be.at.least.6.characters",
-                "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
-        {"Enter.keystore.password.", "\u8F38\u5165\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC:  "},
-        {"Enter.source.keystore.password.", "\u8ACB\u8F38\u5165\u4F86\u6E90\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC: "},
-        {"Enter.destination.keystore.password.", "\u8ACB\u8F38\u5165\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC: "},
-        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
-         "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u592A\u77ED - \u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
-        {"Unknown.Entry.Type", "\u4E0D\u660E\u7684\u9805\u76EE\u985E\u578B"},
-        {"Too.many.failures.Alias.not.changed", "\u592A\u591A\u932F\u8AA4\u3002\u672A\u8B8A\u66F4\u5225\u540D"},
-        {"Entry.for.alias.alias.successfully.imported.",
-                 "\u5DF2\u6210\u529F\u532F\u5165\u5225\u540D {0} \u7684\u9805\u76EE\u3002"},
-        {"Entry.for.alias.alias.not.imported.", "\u672A\u532F\u5165\u5225\u540D {0} \u7684\u9805\u76EE\u3002"},
-        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
-                 "\u532F\u5165\u5225\u540D {0} \u7684\u9805\u76EE\u6642\u51FA\u73FE\u554F\u984C: {1}\u3002\n\u672A\u532F\u5165\u5225\u540D {0} \u7684\u9805\u76EE\u3002"},
-        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
-                 "\u5DF2\u5B8C\u6210\u532F\u5165\u547D\u4EE4: \u6210\u529F\u532F\u5165 {0} \u500B\u9805\u76EE\uFF0C{1} \u500B\u9805\u76EE\u5931\u6557\u6216\u5DF2\u53D6\u6D88"},
-        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
-                 "\u8B66\u544A: \u6B63\u5728\u8986\u5BEB\u76EE\u7684\u5730\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684\u73FE\u6709\u5225\u540D {0}"},
-        {"Existing.entry.alias.alias.exists.overwrite.no.",
-                 "\u73FE\u6709\u9805\u76EE\u5225\u540D {0} \u5B58\u5728\uFF0C\u662F\u5426\u8986\u5BEB\uFF1F[\u5426]:  "},
-        {"Too.many.failures.try.later", "\u592A\u591A\u932F\u8AA4 - \u8ACB\u7A0D\u5F8C\u518D\u8A66"},
-        {"Certification.request.stored.in.file.filename.",
-                "\u8A8D\u8B49\u8981\u6C42\u5132\u5B58\u5728\u6A94\u6848 <{0}>"},
-        {"Submit.this.to.your.CA", "\u5C07\u6B64\u9001\u51FA\u81F3\u60A8\u7684 CA"},
-        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
-            "\u5982\u679C\u672A\u6307\u5B9A\u5225\u540D\uFF0C\u5247\u4E0D\u80FD\u6307\u5B9A destalias\u3001srckeypass \u53CA destkeypass"},
-        {"Certificate.stored.in.file.filename.",
-                "\u6191\u8B49\u5132\u5B58\u5728\u6A94\u6848 <{0}>"},
-        {"Certificate.reply.was.installed.in.keystore",
-                "\u6191\u8B49\u56DE\u8986\u5DF2\u5B89\u88DD\u5728\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D"},
-        {"Certificate.reply.was.not.installed.in.keystore",
-                "\u6191\u8B49\u56DE\u8986\u672A\u5B89\u88DD\u5728\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D"},
-        {"Certificate.was.added.to.keystore",
-                "\u6191\u8B49\u5DF2\u65B0\u589E\u81F3\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D"},
-        {"Certificate.was.not.added.to.keystore",
-                "\u6191\u8B49\u672A\u65B0\u589E\u81F3\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D"},
-        {".Storing.ksfname.", "[\u5132\u5B58 {0}]"},
-        {"alias.has.no.public.key.certificate.",
-                "{0} \u6C92\u6709\u516C\u958B\u91D1\u9470 (\u6191\u8B49)"},
-        {"Cannot.derive.signature.algorithm",
-                "\u7121\u6CD5\u53D6\u5F97\u7C3D\u7AE0\u6F14\u7B97\u6CD5"},
-        {"Alias.alias.does.not.exist",
-                "\u5225\u540D <{0}> \u4E0D\u5B58\u5728"},
-        {"Alias.alias.has.no.certificate",
-                "\u5225\u540D <{0}> \u6C92\u6709\u6191\u8B49"},
-        {"Key.pair.not.generated.alias.alias.already.exists",
-                "\u6C92\u6709\u5EFA\u7ACB\u91D1\u9470\u7D44\uFF0C\u5225\u540D <{0}> \u5DF2\u7D93\u5B58\u5728"},
-        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
-                "\u91DD\u5C0D {4} \u7522\u751F\u6709\u6548\u671F {3} \u5929\u7684 {0} \u4F4D\u5143 {1} \u91D1\u9470\u7D44\u4EE5\u53CA\u81EA\u6211\u7C3D\u7F72\u6191\u8B49 ({2})\n\t"},
-        {"Enter.key.password.for.alias.", "\u8F38\u5165 <{0}> \u7684\u91D1\u9470\u5BC6\u78BC"},
-        {".RETURN.if.same.as.keystore.password.",
-                "\t(RETURN \u5982\u679C\u548C\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u76F8\u540C):  "},
-        {"Key.password.is.too.short.must.be.at.least.6.characters",
-                "\u91D1\u9470\u5BC6\u78BC\u592A\u77ED - \u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
-        {"Too.many.failures.key.not.added.to.keystore",
-                "\u592A\u591A\u932F\u8AA4 - \u91D1\u9470\u672A\u65B0\u589E\u81F3\u91D1\u9470\u5132\u5B58\u5EAB"},
-        {"Destination.alias.dest.already.exists",
-                "\u76EE\u7684\u5730\u5225\u540D <{0}> \u5DF2\u7D93\u5B58\u5728"},
-        {"Password.is.too.short.must.be.at.least.6.characters",
-                "\u5BC6\u78BC\u592A\u77ED - \u5FC5\u9808\u81F3\u5C11\u70BA 6 \u500B\u5B57\u5143"},
-        {"Too.many.failures.Key.entry.not.cloned",
-                "\u592A\u591A\u932F\u8AA4\u3002\u672A\u8907\u88FD\u91D1\u9470\u9805\u76EE"},
-        {"key.password.for.alias.", "<{0}> \u7684\u91D1\u9470\u5BC6\u78BC"},
-        {"Keystore.entry.for.id.getName.already.exists",
-                "<{0}> \u7684\u91D1\u9470\u5132\u5B58\u5EAB\u9805\u76EE\u5DF2\u7D93\u5B58\u5728"},
-        {"Creating.keystore.entry.for.id.getName.",
-                "\u5EFA\u7ACB <{0}> \u7684\u91D1\u9470\u5132\u5B58\u5EAB\u9805\u76EE..."},
-        {"No.entries.from.identity.database.added",
-                "\u6C92\u6709\u65B0\u589E\u4F86\u81EA\u8B58\u5225\u8CC7\u6599\u5EAB\u7684\u9805\u76EE"},
-        {"Alias.name.alias", "\u5225\u540D\u540D\u7A31: {0}"},
-        {"Creation.date.keyStore.getCreationDate.alias.",
-                "\u5EFA\u7ACB\u65E5\u671F: {0,date}"},
-        {"alias.keyStore.getCreationDate.alias.",
-                "{0}, {1,date}, "},
-        {"alias.", "{0}, "},
-        {"Entry.type.type.", "\u9805\u76EE\u985E\u578B: {0}"},
-        {"Certificate.chain.length.", "\u6191\u8B49\u93C8\u9577\u5EA6: "},
-        {"Certificate.i.1.", "\u6191\u8B49 [{0,number,integer}]:"},
-        {"Certificate.fingerprint.SHA1.", "\u6191\u8B49\u6307\u7D0B (SHA1): "},
-        {"Keystore.type.", "\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B: "},
-        {"Keystore.provider.", "\u91D1\u9470\u5132\u5B58\u5EAB\u63D0\u4F9B\u8005: "},
-        {"Your.keystore.contains.keyStore.size.entry",
-                "\u60A8\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u5305\u542B {0,number,integer} \u9805\u76EE"},
-        {"Your.keystore.contains.keyStore.size.entries",
-                "\u60A8\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u5305\u542B {0,number,integer} \u9805\u76EE"},
-        {"Failed.to.parse.input", "\u7121\u6CD5\u5256\u6790\u8F38\u5165"},
-        {"Empty.input", "\u7A7A\u8F38\u5165"},
-        {"Not.X.509.certificate", "\u975E X.509 \u6191\u8B49"},
-        {"alias.has.no.public.key", "{0} \u7121\u516C\u958B\u91D1\u9470"},
-        {"alias.has.no.X.509.certificate", "{0} \u7121 X.509 \u6191\u8B49"},
-        {"New.certificate.self.signed.", "\u65B0\u6191\u8B49 (\u81EA\u6211\u7C3D\u7F72): "},
-        {"Reply.has.no.certificates", "\u56DE\u8986\u4E0D\u542B\u6191\u8B49"},
-        {"Certificate.not.imported.alias.alias.already.exists",
-                "\u6191\u8B49\u672A\u8F38\u5165\uFF0C\u5225\u540D <{0}> \u5DF2\u7D93\u5B58\u5728"},
-        {"Input.not.an.X.509.certificate", "\u8F38\u5165\u7684\u4E0D\u662F X.509 \u6191\u8B49"},
-        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
-                "\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684 <{0}> \u5225\u540D\u4E4B\u4E0B\uFF0C\u6191\u8B49\u5DF2\u7D93\u5B58\u5728"},
-        {"Do.you.still.want.to.add.it.no.",
-                "\u60A8\u4ECD\u7136\u60F3\u8981\u5C07\u4E4B\u65B0\u589E\u55CE\uFF1F [\u5426]:  "},
-        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
-                "\u6574\u500B\u7CFB\u7D71 CA \u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684 <{0}> \u5225\u540D\u4E4B\u4E0B\uFF0C\u6191\u8B49\u5DF2\u7D93\u5B58\u5728"},
-        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
-                "\u60A8\u4ECD\u7136\u60F3\u8981\u5C07\u4E4B\u65B0\u589E\u81F3\u81EA\u5DF1\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u55CE\uFF1F [\u5426]:  "},
-        {"Trust.this.certificate.no.", "\u4FE1\u4EFB\u9019\u500B\u6191\u8B49\uFF1F [\u5426]:  "},
-        {"YES", "\u662F"},
-        {"New.prompt.", "\u65B0 {0}: "},
-        {"Passwords.must.differ", "\u5FC5\u9808\u662F\u4E0D\u540C\u7684\u5BC6\u78BC"},
-        {"Re.enter.new.prompt.", "\u91CD\u65B0\u8F38\u5165\u65B0 {0}: "},
-        {"Re.enter.new.password.", "\u91CD\u65B0\u8F38\u5165\u65B0\u5BC6\u78BC: "},
-        {"They.don.t.match.Try.again", "\u5B83\u5011\u4E0D\u76F8\u7B26\u3002\u8ACB\u91CD\u8A66"},
-        {"Enter.prompt.alias.name.", "\u8F38\u5165 {0} \u5225\u540D\u540D\u7A31:  "},
-        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
-                 "\u8ACB\u8F38\u5165\u65B0\u7684\u5225\u540D\u540D\u7A31\t(RETURN \u4EE5\u53D6\u6D88\u532F\u5165\u6B64\u9805\u76EE):"},
-        {"Enter.alias.name.", "\u8F38\u5165\u5225\u540D\u540D\u7A31:  "},
-        {".RETURN.if.same.as.for.otherAlias.",
-                "\t(RETURN \u5982\u679C\u548C <{0}> \u7684\u76F8\u540C)"},
-        {".PATTERN.printX509Cert",
-                "\u64C1\u6709\u8005: {0}\n\u767C\u51FA\u8005: {1}\n\u5E8F\u865F: {2}\n\u6709\u6548\u671F\u81EA: {3} \u5230: {4}\n\u6191\u8B49\u6307\u7D0B:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t \u7C3D\u7AE0\u6F14\u7B97\u6CD5\u540D\u7A31: {8}\n\t \u7248\u672C: {9}"},
-        {"What.is.your.first.and.last.name.",
-                "\u60A8\u7684\u540D\u5B57\u8207\u59D3\u6C0F\u70BA\u4F55\uFF1F"},
-        {"What.is.the.name.of.your.organizational.unit.",
-                "\u60A8\u7684\u7D44\u7E54\u55AE\u4F4D\u540D\u7A31\u70BA\u4F55\uFF1F"},
-        {"What.is.the.name.of.your.organization.",
-                "\u60A8\u7684\u7D44\u7E54\u540D\u7A31\u70BA\u4F55\uFF1F"},
-        {"What.is.the.name.of.your.City.or.Locality.",
-                "\u60A8\u6240\u5728\u7684\u57CE\u5E02\u6216\u5730\u5340\u540D\u7A31\u70BA\u4F55\uFF1F"},
-        {"What.is.the.name.of.your.State.or.Province.",
-                "\u60A8\u6240\u5728\u7684\u5DDE\u53CA\u7701\u4EFD\u540D\u7A31\u70BA\u4F55\uFF1F"},
-        {"What.is.the.two.letter.country.code.for.this.unit.",
-                "\u6B64\u55AE\u4F4D\u7684\u5169\u500B\u5B57\u6BCD\u570B\u5225\u4EE3\u78BC\u70BA\u4F55\uFF1F"},
-        {"Is.name.correct.", "{0} \u6B63\u78BA\u55CE\uFF1F"},
-        {"no", "\u5426"},
-        {"yes", "\u662F"},
-        {"y", "y"},
-        {".defaultValue.", "  [{0}]:  "},
-        {"Alias.alias.has.no.key",
-                "\u5225\u540D <{0}> \u6C92\u6709\u91D1\u9470"},
-        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
-                 "\u5225\u540D <{0}> \u6240\u53C3\u7167\u7684\u9805\u76EE\u4E0D\u662F\u79C1\u5BC6\u91D1\u9470\u985E\u578B\u3002-keyclone \u547D\u4EE4\u50C5\u652F\u63F4\u79C1\u5BC6\u91D1\u9470\u9805\u76EE\u7684\u8907\u88FD"},
-
-        {".WARNING.WARNING.WARNING.",
-            "*****************  \u8B66\u544A \u8B66\u544A \u8B66\u544A  *****************"},
-        {"Signer.d.", "\u7C3D\u7F72\u8005 #%d:"},
-        {"Timestamp.", "\u6642\u6233:"},
-        {"Signature.", "\u7C3D\u7AE0:"},
-        {"CRLs.", "CRL:"},
-        {"Certificate.owner.", "\u6191\u8B49\u64C1\u6709\u8005: "},
-        {"Not.a.signed.jar.file", "\u4E0D\u662F\u7C3D\u7F72\u7684 jar \u6A94\u6848"},
-        {"No.certificate.from.the.SSL.server",
-                "\u6C92\u6709\u4F86\u81EA SSL \u4F3A\u670D\u5668\u7684\u6191\u8B49"},
-
-        {".The.integrity.of.the.information.stored.in.your.keystore.",
-            "* \u5C1A\u672A\u9A57\u8B49\u5132\u5B58\u65BC\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u8CC7\u8A0A  *\n* \u7684\u5B8C\u6574\u6027\uFF01\u82E5\u8981\u9A57\u8B49\u5176\u5B8C\u6574\u6027\uFF0C*\n* \u60A8\u5FC5\u9808\u63D0\u4F9B\u60A8\u7684\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC\u3002                  *"},
-        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
-            "* \u5C1A\u672A\u9A57\u8B49\u5132\u5B58\u65BC srckeystore \u4E2D\u8CC7\u8A0A*\n* \u7684\u5B8C\u6574\u6027\uFF01\u82E5\u8981\u9A57\u8B49\u5176\u5B8C\u6574\u6027\uFF0C\u60A8\u5FC5\u9808 *\n* \u63D0\u4F9B srckeystore \u5BC6\u78BC\u3002          *"},
-
-        {"Certificate.reply.does.not.contain.public.key.for.alias.",
-                "\u6191\u8B49\u56DE\u8986\u4E26\u672A\u5305\u542B <{0}> \u7684\u516C\u958B\u91D1\u9470"},
-        {"Incomplete.certificate.chain.in.reply",
-                "\u56DE\u8986\u6642\u7684\u6191\u8B49\u93C8\u4E0D\u5B8C\u6574"},
-        {"Certificate.chain.in.reply.does.not.verify.",
-                "\u56DE\u8986\u6642\u7684\u6191\u8B49\u93C8\u672A\u9A57\u8B49: "},
-        {"Top.level.certificate.in.reply.",
-                "\u56DE\u8986\u6642\u7684\u6700\u9AD8\u7D1A\u6191\u8B49:\\n"},
-        {".is.not.trusted.", "... \u662F\u4E0D\u88AB\u4FE1\u4EFB\u7684\u3002"},
-        {"Install.reply.anyway.no.", "\u9084\u662F\u8981\u5B89\u88DD\u56DE\u8986\uFF1F [\u5426]:  "},
-        {"NO", "\u5426"},
-        {"Public.keys.in.reply.and.keystore.don.t.match",
-                "\u56DE\u8986\u6642\u7684\u516C\u958B\u91D1\u9470\u8207\u91D1\u9470\u5132\u5B58\u5EAB\u4E0D\u7B26"},
-        {"Certificate.reply.and.certificate.in.keystore.are.identical",
-                "\u6191\u8B49\u56DE\u8986\u8207\u91D1\u9470\u5132\u5B58\u5EAB\u4E2D\u7684\u6191\u8B49\u662F\u76F8\u540C\u7684"},
-        {"Failed.to.establish.chain.from.reply",
-                "\u7121\u6CD5\u5F9E\u56DE\u8986\u4E2D\u5C07\u93C8\u5EFA\u7ACB\u8D77\u4F86"},
-        {"n", "n"},
-        {"Wrong.answer.try.again", "\u932F\u8AA4\u7684\u7B54\u6848\uFF0C\u8ACB\u518D\u8A66\u4E00\u6B21"},
-        {"Secret.key.not.generated.alias.alias.already.exists",
-                "\u672A\u7522\u751F\u79D8\u5BC6\u91D1\u9470\uFF0C\u5225\u540D <{0}> \u5DF2\u5B58\u5728"},
-        {"Please.provide.keysize.for.secret.key.generation",
-                "\u8ACB\u63D0\u4F9B -keysize \u4EE5\u7522\u751F\u79D8\u5BC6\u91D1\u9470"},
-
-        {"Extensions.", "\u64F4\u5145\u5957\u4EF6: "},
-        {".Empty.value.", "(\u7A7A\u767D\u503C)"},
-        {"Extension.Request.", "\u64F4\u5145\u5957\u4EF6\u8981\u6C42:"},
-        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
-                "PKCS #10 \u6191\u8B49\u8981\u6C42 (\u7248\u672C 1.0)\n\u4E3B\u9AD4: %s\n\u516C\u7528\u91D1\u9470: %s \u683C\u5F0F %s \u91D1\u9470\n"},
-        {"Unknown.keyUsage.type.", "\u4E0D\u660E\u7684 keyUsage \u985E\u578B: "},
-        {"Unknown.extendedkeyUsage.type.", "\u4E0D\u660E\u7684 extendedkeyUsage \u985E\u578B: "},
-        {"Unknown.AccessDescription.type.", "\u4E0D\u660E\u7684 AccessDescription \u985E\u578B: "},
-        {"Unrecognized.GeneralName.type.", "\u7121\u6CD5\u8FA8\u8B58\u7684 GeneralName \u985E\u578B: "},
-        {"This.extension.cannot.be.marked.as.critical.",
-                 "\u6B64\u64F4\u5145\u5957\u4EF6\u7121\u6CD5\u6A19\u793A\u70BA\u95DC\u9375\u3002"},
-        {"Odd.number.of.hex.digits.found.", "\u627E\u5230\u5341\u516D\u9032\u4F4D\u6578\u5B57\u7684\u5947\u6578: "},
-        {"Unknown.extension.type.", "\u4E0D\u660E\u7684\u64F4\u5145\u5957\u4EF6\u985E\u578B: "},
-        {"command.{0}.is.ambiguous.", "\u547D\u4EE4 {0} \u4E0D\u660E\u78BA:"},
-
-        // policytool
-        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
-                "\u8B66\u544A: \u5225\u540D {0} \u7684\u516C\u958B\u91D1\u9470\u4E0D\u5B58\u5728\u3002\u8ACB\u78BA\u5B9A\u91D1\u9470\u5132\u5B58\u5EAB\u914D\u7F6E\u6B63\u78BA\u3002"},
-        {"Warning.Class.not.found.class", "\u8B66\u544A: \u627E\u4E0D\u5230\u985E\u5225 {0}"},
-        {"Warning.Invalid.argument.s.for.constructor.arg",
-                "\u8B66\u544A: \u7121\u6548\u7684\u5EFA\u69CB\u5B50\u5F15\u6578: {0}"},
-        {"Illegal.Principal.Type.type", "\u7121\u6548\u7684 Principal \u985E\u578B: {0}"},
-        {"Illegal.option.option", "\u7121\u6548\u7684\u9078\u9805: {0}"},
-        {"Usage.policytool.options.", "\u7528\u6CD5: policytool [options]"},
-        {".file.file.policy.file.location",
-                "  [-file <file>]    \u539F\u5247\u6A94\u6848\u4F4D\u7F6E"},
-        {"New", "\u65B0\u589E"},
-        {"Open", "\u958B\u555F"},
-        {"Save", "\u5132\u5B58"},
-        {"Save.As", "\u53E6\u5B58\u65B0\u6A94"},
-        {"View.Warning.Log", "\u6AA2\u8996\u8B66\u544A\u8A18\u9304"},
-        {"Exit", "\u7D50\u675F"},
-        {"Add.Policy.Entry", "\u65B0\u589E\u539F\u5247\u9805\u76EE"},
-        {"Edit.Policy.Entry", "\u7DE8\u8F2F\u539F\u5247\u9805\u76EE"},
-        {"Remove.Policy.Entry", "\u79FB\u9664\u539F\u5247\u9805\u76EE"},
-        {"Edit", "\u7DE8\u8F2F"},
-        {"Retain", "\u4FDD\u7559"},
-
-        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
-            "\u8B66\u544A: \u6A94\u6848\u540D\u7A31\u5305\u542B\u9041\u96E2\u53CD\u659C\u7DDA\u5B57\u5143\u3002\u4E0D\u9700\u8981\u9041\u96E2\u53CD\u659C\u7DDA\u5B57\u5143 (\u64B0\u5BEB\u539F\u5247\u5167\u5BB9\u81F3\u6C38\u4E45\u5B58\u653E\u5340\u6642\u9700\u8981\u5DE5\u5177\u9041\u96E2\u5B57\u5143)\u3002\n\n\u6309\u4E00\u4E0B\u300C\u4FDD\u7559\u300D\u4EE5\u4FDD\u7559\u8F38\u5165\u7684\u540D\u7A31\uFF0C\u6216\u6309\u4E00\u4E0B\u300C\u7DE8\u8F2F\u300D\u4EE5\u7DE8\u8F2F\u540D\u7A31\u3002"},
-
-        {"Add.Public.Key.Alias", "\u65B0\u589E\u516C\u958B\u91D1\u9470\u5225\u540D"},
-        {"Remove.Public.Key.Alias", "\u79FB\u9664\u516C\u958B\u91D1\u9470\u5225\u540D"},
-        {"File", "\u6A94\u6848"},
-        {"KeyStore", "\u91D1\u9470\u5132\u5B58\u5EAB"},
-        {"Policy.File.", "\u539F\u5247\u6A94\u6848: "},
-        {"Could.not.open.policy.file.policyFile.e.toString.",
-                "\u7121\u6CD5\u958B\u555F\u539F\u5247\u6A94\u6848: {0}: {1}"},
-        {"Policy.Tool", "\u539F\u5247\u5DE5\u5177"},
-        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
-                "\u958B\u555F\u539F\u5247\u8A18\u7F6E\u6642\u767C\u751F\u932F\u8AA4\u3002\u8ACB\u6AA2\u8996\u8B66\u544A\u8A18\u9304\u4EE5\u53D6\u5F97\u66F4\u591A\u7684\u8CC7\u8A0A"},
-        {"Error", "\u932F\u8AA4"},
-        {"OK", "\u78BA\u5B9A"},
-        {"Status", "\u72C0\u614B"},
-        {"Warning", "\u8B66\u544A"},
-        {"Permission.",
-                "\u6B0A\u9650:                                                       "},
-        {"Principal.Type.", "Principal \u985E\u578B: "},
-        {"Principal.Name.", "Principal \u540D\u7A31: "},
-        {"Target.Name.",
-                "\u76EE\u6A19\u540D\u7A31:                                                    "},
-        {"Actions.",
-                "\u52D5\u4F5C:                                                             "},
-        {"OK.to.overwrite.existing.file.filename.",
-                "\u78BA\u8A8D\u8986\u5BEB\u73FE\u5B58\u7684\u6A94\u6848 {0}\uFF1F"},
-        {"Cancel", "\u53D6\u6D88"},
-        {"CodeBase.", "CodeBase:"},
-        {"SignedBy.", "SignedBy:"},
-        {"Add.Principal", "\u65B0\u589E Principal"},
-        {"Edit.Principal", "\u7DE8\u8F2F Principal"},
-        {"Remove.Principal", "\u79FB\u9664 Principal"},
-        {"Principals.", "Principal:"},
-        {".Add.Permission", "  \u65B0\u589E\u6B0A\u9650"},
-        {".Edit.Permission", "  \u7DE8\u8F2F\u6B0A\u9650"},
-        {"Remove.Permission", "\u79FB\u9664\u6B0A\u9650"},
-        {"Done", "\u5B8C\u6210"},
-        {"KeyStore.URL.", "\u91D1\u9470\u5132\u5B58\u5EAB URL: "},
-        {"KeyStore.Type.", "\u91D1\u9470\u5132\u5B58\u5EAB\u985E\u578B:"},
-        {"KeyStore.Provider.", "\u91D1\u9470\u5132\u5B58\u5EAB\u63D0\u4F9B\u8005:"},
-        {"KeyStore.Password.URL.", "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC URL: "},
-        {"Principals", "Principal"},
-        {".Edit.Principal.", "  \u7DE8\u8F2F Principal: "},
-        {".Add.New.Principal.", "  \u65B0\u589E Principal: "},
-        {"Permissions", "\u6B0A\u9650"},
-        {".Edit.Permission.", "  \u7DE8\u8F2F\u6B0A\u9650:"},
-        {".Add.New.Permission.", "  \u65B0\u589E\u6B0A\u9650:"},
-        {"Signed.By.", "\u7C3D\u7F72\u4EBA: "},
-        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
-            "\u6C92\u6709\u842C\u7528\u5B57\u5143\u540D\u7A31\uFF0C\u7121\u6CD5\u6307\u5B9A\u542B\u6709\u842C\u7528\u5B57\u5143\u985E\u5225\u7684 Principal"},
-        {"Cannot.Specify.Principal.without.a.Name",
-            "\u6C92\u6709\u540D\u7A31\uFF0C\u7121\u6CD5\u6307\u5B9A Principal"},
-        {"Permission.and.Target.Name.must.have.a.value",
-                "\u6B0A\u9650\u53CA\u76EE\u6A19\u540D\u7A31\u5FC5\u9808\u6709\u4E00\u500B\u503C\u3002"},
-        {"Remove.this.Policy.Entry.", "\u79FB\u9664\u9019\u500B\u539F\u5247\u9805\u76EE\uFF1F"},
-        {"Overwrite.File", "\u8986\u5BEB\u6A94\u6848"},
-        {"Policy.successfully.written.to.filename",
-                "\u539F\u5247\u6210\u529F\u5BEB\u5165\u81F3 {0}"},
-        {"null.filename", "\u7A7A\u503C\u6A94\u540D"},
-        {"Save.changes.", "\u5132\u5B58\u8B8A\u66F4\uFF1F"},
-        {"Yes", "\u662F"},
-        {"No", "\u5426"},
-        {"Policy.Entry", "\u539F\u5247\u9805\u76EE"},
-        {"Save.Changes", "\u5132\u5B58\u8B8A\u66F4"},
-        {"No.Policy.Entry.selected", "\u6C92\u6709\u9078\u53D6\u539F\u5247\u9805\u76EE"},
-        {"Unable.to.open.KeyStore.ex.toString.",
-                "\u7121\u6CD5\u958B\u555F\u91D1\u9470\u5132\u5B58\u5EAB: {0}"},
-        {"No.principal.selected", "\u672A\u9078\u53D6 Principal"},
-        {"No.permission.selected", "\u6C92\u6709\u9078\u53D6\u6B0A\u9650"},
-        {"name", "\u540D\u7A31"},
-        {"configuration.type", "\u7D44\u614B\u985E\u578B"},
-        {"environment.variable.name", "\u74B0\u5883\u8B8A\u6578\u540D\u7A31"},
-        {"library.name", "\u7A0B\u5F0F\u5EAB\u540D\u7A31"},
-        {"package.name", "\u5957\u88DD\u7A0B\u5F0F\u540D\u7A31"},
-        {"policy.type", "\u539F\u5247\u985E\u578B"},
-        {"property.name", "\u5C6C\u6027\u540D\u7A31"},
-        {"Principal.List", "Principal \u6E05\u55AE"},
-        {"Permission.List", "\u6B0A\u9650\u6E05\u55AE"},
-        {"Code.Base", "\u4EE3\u78BC\u57FA\u6E96"},
-        {"KeyStore.U.R.L.", "\u91D1\u9470\u5132\u5B58\u5EAB URL:"},
-        {"KeyStore.Password.U.R.L.", "\u91D1\u9470\u5132\u5B58\u5EAB\u5BC6\u78BC URL:"},
-
-
         // javax.security.auth.PrivateCredentialPermission
         {"invalid.null.input.s.", "\u7121\u6548\u7A7A\u503C\u8F38\u5165"},
         {"actions.can.only.be.read.", "\u52D5\u4F5C\u53EA\u80FD\u88AB\u300C\u8B80\u53D6\u300D"},
@@ -553,6 +58,7 @@
         {"provided.null.OID.map", "\u63D0\u4F9B\u7A7A\u503C OID \u5C0D\u6620"},
 
         // javax.security.auth.Subject
+        {"NEWLINE", "\n"},
         {"invalid.null.AccessControlContext.provided",
                 "\u63D0\u4F9B\u7121\u6548\u7684\u7A7A\u503C AccessControlContext"},
         {"invalid.null.action.provided", "\u63D0\u4F9B\u7121\u6548\u7684\u7A7A\u503C\u52D5\u4F5C"},
@@ -656,6 +162,7 @@
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }
--- a/jdk/test/sun/security/pkcs12/PKCS12SameKeyId.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/pkcs12/PKCS12SameKeyId.java	Sun Oct 14 22:58:59 2012 +0100
@@ -25,6 +25,8 @@
  * @test
  * @bug 6958026
  * @summary Problem with PKCS12 keystore
+ * @compile -XDignore.symbol.file PKCS12SameKeyId.java
+ * @run main PKCS12SameKeyId
  */
 
 import java.io.File;
@@ -40,7 +42,6 @@
 import javax.crypto.spec.PBEKeySpec;
 import javax.crypto.spec.PBEParameterSpec;
 import sun.security.pkcs.EncryptedPrivateKeyInfo;
-import sun.security.tools.KeyTool;
 import sun.security.util.ObjectIdentifier;
 import sun.security.x509.AlgorithmId;
 import sun.security.x509.X500Name;
@@ -61,7 +62,7 @@
             String cmd = "-keystore " + JKSFILE
                     + " -storepass changeit -keypass changeit "
                     + "-genkeypair -alias p" + i + " -dname CN=" + i;
-            KeyTool.main(cmd.split(" "));
+            sun.security.tools.keytool.Main.main(cmd.split(" "));
         }
 
         // Prepare EncryptedPrivateKeyInfo parameters, copied from various
--- a/jdk/test/sun/security/tools/jarsigner/JarSigningNonAscii.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/tools/jarsigner/JarSigningNonAscii.java	Sun Oct 14 22:58:59 2012 +0100
@@ -62,7 +62,7 @@
                         "-signedJar", signedJar,
                         unsignedJar, "b"
                         };
-        JarSigner.main(jsArgs);
+        sun.security.tools.jarsigner.Main.main(jsArgs);
 
         //  verify the signed jar file
 
--- a/jdk/test/sun/security/tools/jarsigner/LargeJarEntry.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/tools/jarsigner/LargeJarEntry.java	Sun Oct 14 22:58:59 2012 +0100
@@ -35,7 +35,6 @@
 import java.util.jar.JarEntry;
 import java.util.jar.JarOutputStream;
 import java.util.zip.CRC32;
-import sun.security.tools.JarSigner;
 
 public class LargeJarEntry {
 
@@ -73,7 +72,7 @@
                 jarName, "b" };
         // now, try to sign it
         try {
-            JarSigner.main(jsArgs);
+            sun.security.tools.jarsigner.Main.main(jsArgs);
         } catch (OutOfMemoryError err) {
             throw new Exception("Test failed with OutOfMemoryError", err);
         } finally {
--- a/jdk/test/sun/security/tools/keytool/CloseFile.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/tools/keytool/CloseFile.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,12 +26,13 @@
  * @bug 6489721
  * @summary keytool has not closed several file streams
  * @author weijun.wang
+ * @compile -XDignore.symbol.file CloseFile.java
+ * @run main CloseFile
  *
  * This test is only useful on Windows, which fails before the fix and succeeds
  * after it. On other platforms, it always passes.
  */
 
-import sun.security.tools.KeyTool;
 import java.io.*;
 
 public class CloseFile {
@@ -58,7 +59,7 @@
     }
 
     static void run(String s) throws Exception {
-        KeyTool.main((s+" -debug").split(" "));
+        sun.security.tools.keytool.Main.main((s+" -debug").split(" "));
     }
     static void remove(String filename, boolean check) {
         new File(filename).delete();
--- a/jdk/test/sun/security/tools/keytool/KeyToolTest.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/tools/keytool/KeyToolTest.java	Sun Oct 14 22:58:59 2012 +0100
@@ -56,7 +56,6 @@
  */
 
 import java.security.KeyStore;
-import sun.security.tools.KeyTool;
 import sun.security.x509.*;
 import java.io.*;
 import java.security.KeyPairGenerator;
@@ -149,12 +148,13 @@
             System.setOut(new PrintStream(b1));
             System.setErr(new PrintStream(b2));
 
-            // since System.in is overrided, the KeyTool.main() method will
+            // since System.in is overrided, the
+            // sun.security.tools.keytool.Main.main() method will
             // never block at user input
 
-            // use -debug so that KeyTool.main() will throw an Exception
+            // use -debug so that main() will throw an Exception
             // instead of calling System.exit()
-            KeyTool.main(("-debug "+cmd).split("\\s+"));
+            sun.security.tools.keytool.Main.main(("-debug "+cmd).split("\\s+"));
         } finally {
             out = b1.toString();
             err = b2.toString();
--- a/jdk/test/sun/security/tools/keytool/NewSize7.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/tools/keytool/NewSize7.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,8 @@
  * @test
  * @bug 6561126
  * @summary keytool should use larger default keysize for keypairs
+ * @compile -XDignore.symbol.file NewSize7.java
+ * @run main NewSize7
  */
 
 import java.io.File;
@@ -34,13 +36,13 @@
 import java.security.KeyStore;
 import java.security.cert.X509Certificate;
 import java.security.interfaces.RSAPublicKey;
-import sun.security.tools.KeyTool;
 
 public class NewSize7 {
     public static void main(String[] args) throws Exception {
         String FILE = "newsize7-ks";
         new File(FILE).delete();
-        KeyTool.main(("-debug -genkeypair -keystore " + FILE +
+        sun.security.tools.keytool.Main.main(("-debug -genkeypair -keystore " +
+                FILE +
                 " -alias a -dname cn=c -storepass changeit" +
                 " -keypass changeit -keyalg rsa").split(" "));
         KeyStore ks = KeyStore.getInstance("JKS");
--- a/jdk/test/sun/security/tools/keytool/StartDateTest.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/tools/keytool/StartDateTest.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,8 @@
  * @test
  * @bug 6468285
  * @summary keytool ability to backdate self-signed certificates to compensate for clock skew
+ * @compile -XDignore.symbol.file StartDateTest.java
+ * @run main StartDateTest
  */
 
 import java.io.File;
@@ -35,7 +37,6 @@
 import java.util.Calendar;
 import java.util.Date;
 import java.util.GregorianCalendar;
-import sun.security.tools.KeyTool;
 
 public class StartDateTest {
     public static void main(String[] args) throws Exception {
@@ -66,7 +67,8 @@
         new File("jks").delete();
 
         // Part 2: Test format
-        Method m = KeyTool.class.getDeclaredMethod("getStartDate", String.class);
+        Method m = sun.security.tools.keytool.Main.class.getDeclaredMethod(
+                   "getStartDate", String.class);
         m.setAccessible(true);
         for (String s: new String[] {
                 null,       //NOW!
@@ -127,7 +129,7 @@
     }
 
     static void run(String s) throws Exception {
-        KeyTool.main((s+" -debug").split(" "));
+        sun.security.tools.keytool.Main.main((s+" -debug").split(" "));
     }
 
     static Date getIssueDate() throws Exception {
--- a/jdk/test/sun/security/tools/keytool/UnknownAndUnparseable.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/tools/keytool/UnknownAndUnparseable.java	Sun Oct 14 22:58:59 2012 +0100
@@ -25,12 +25,13 @@
  * @test
  * @bug 7192202
  * @summary Make sure keytool prints both unknown and unparseable extensions
+ * @compile -XDignore.symbol.file UnknownAndUnparseable.java
+ * @run main UnknownAndUnparseable
  */
 
 import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.PrintStream;
-import sun.security.tools.KeyTool;
 import sun.security.x509.PKIXExtensions;
 
 public class UnknownAndUnparseable {
@@ -44,14 +45,14 @@
         String genkey = s
                 + "-genkeypair -alias a -dname CN=A -ext 1.2.3.4=1234 "
                 + "-ext " + PKIXExtensions.KeyUsage_Id.toString() + "=5678";
-        KeyTool.main(genkey.split(" "));
+        sun.security.tools.keytool.Main.main(genkey.split(" "));
 
         // Get the list output to a string
         String list = s + "-list -v";
         ByteArrayOutputStream bout = new ByteArrayOutputStream();
         PrintStream oldOut = System.out;
         System.setOut(new PrintStream(bout));
-        KeyTool.main(list.split(" "));
+        sun.security.tools.keytool.Main.main(list.split(" "));
         System.setOut(oldOut);
         String out = bout.toString();
         System.out.println(out);
--- a/jdk/test/sun/security/tools/keytool/autotest.sh	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/tools/keytool/autotest.sh	Sun Oct 14 22:58:59 2012 +0100
@@ -78,7 +78,7 @@
 esac
 
 if [ "$LIBNAME" = "" ]; then
-  echo "Cannot find LIBNAME"
+  echo "Cannot find libsoftokn3.so"
   exit 1
 fi
 
--- a/jdk/test/sun/security/tools/keytool/standard.sh	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/tools/keytool/standard.sh	Sun Oct 14 22:58:59 2012 +0100
@@ -56,7 +56,7 @@
     ;;
 esac
 
-${TESTJAVA}${FS}bin${FS}javac -d . ${TESTSRC}${FS}KeyToolTest.java || exit 10
+${TESTJAVA}${FS}bin${FS}javac -d . -XDignore.symbol.file ${TESTSRC}${FS}KeyToolTest.java || exit 10
 
 echo | ${TESTJAVA}${FS}bin${FS}java -Dfile KeyToolTest
 status=$?
--- a/jdk/test/sun/security/util/Resources/Format.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/util/Resources/Format.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -150,7 +150,7 @@
             s.getPrivateCredentials().add(new Format());
             System.out.println("Test 12, s.toString() = " + s.toString());
         } catch (Exception e) {
-            throw new SecurityException("test 12 failed: e.toString()");
+            throw new SecurityException("test 12 failed: e.toString()", e);
         }
 
         try {
--- a/jdk/test/sun/security/util/Resources/NewNamesFormat.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/util/Resources/NewNamesFormat.java	Sun Oct 14 22:58:59 2012 +0100
@@ -40,7 +40,9 @@
     public static void main(String[] args) throws Exception {
         checkRes("sun.security.util.Resources");
         checkRes("sun.security.util.AuthResources");
-        checkRes("sun.security.tools.JarSignerResources");
+        checkRes("sun.security.tools.jarsigner.Resources");
+        checkRes("sun.security.tools.keytool.Resources");
+        checkRes("sun.security.tools.policytool.Resources");
     }
 
     private static void checkRes(String resName) throws Exception {
--- a/jdk/test/sun/security/util/Resources/NewResourcesNames.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/util/Resources/NewResourcesNames.java	Sun Oct 14 22:58:59 2012 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -59,7 +59,9 @@
     static int MAXLEN = 127;
 
     static String[] resources = {
-        "sun/security/tools/JarSignerResources.java",
+        "sun/security/tools/jarsigner/Resources.java",
+        "sun/security/tools/keytool/Resources.java",
+        "sun/security/tools/policytool/Resources.java",
         "sun/security/util/Resources.java",
         "sun/security/util/AuthResources.java",
     };
@@ -94,7 +96,7 @@
         //
         // This means a " exists right after getString(. Sometimes you see
         //
-        //      Working on sun/security/tools/KeyTool.java
+        //      Working on sun/security/tools/keytool/Main.java
         //          BAD!! pmatch != match: 212 != 209
         //      Working on sun/security/provider/PolicyFile.java
         //          BAD!! pmatch != match: 14 != 10
@@ -165,7 +167,7 @@
 
         Set<String> names = new HashSet<String>();
 
-        String file = "sun/security/tools/KeyTool.java";
+        String file = "sun/security/tools/keytool/Main.java";
         System.err.println("Working on " + file);
         File origFile = new File(file);
         File tmpFile = new File(file + ".tmp");
--- a/jdk/test/sun/security/x509/AlgorithmId/NonStandardNames.java	Sat Oct 13 10:15:57 2012 +0100
+++ b/jdk/test/sun/security/x509/AlgorithmId/NonStandardNames.java	Sun Oct 14 22:58:59 2012 +0100
@@ -25,6 +25,8 @@
  * @test
  * @bug 7180907
  * @summary Jarsigner -verify fails if rsa file used sha-256 with authenticated attributes
+ * @compile -XDignore.symbol.file NonStandardNames.java
+ * @run main NonStandardNames
  */
 
 import java.security.MessageDigest;
@@ -35,7 +37,7 @@
 import sun.security.pkcs.PKCS9Attribute;
 import sun.security.pkcs.PKCS9Attributes;
 import sun.security.pkcs.SignerInfo;
-import sun.security.tools.CertAndKeyGen;
+import sun.security.tools.keytool.CertAndKeyGen;
 import sun.security.x509.AlgorithmId;
 import sun.security.x509.X500Name;