--- a/jdk/src/java.base/share/classes/sun/security/tools/keytool/Main.java	Fri Jan 20 14:13:11 2017 -0500
+++ b/jdk/src/java.base/share/classes/sun/security/tools/keytool/Main.java	Sat Jan 21 08:38:51 2017 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -3522,7 +3522,8 @@
             System.err.flush();
             reply = (new BufferedReader(new InputStreamReader
                                         (System.in))).readLine();
-            if (collator.compare(reply, "") == 0 ||
+            if (reply == null ||
+                collator.compare(reply, "") == 0 ||
                 collator.compare(reply, rb.getString("n")) == 0 ||
                 collator.compare(reply, rb.getString("no")) == 0) {
                 reply = "NO";

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/tools/keytool/ImportPrompt.java	Sat Jan 21 08:38:51 2017 +0800
@@ -0,0 +1,88 @@
+/*
+ * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import jdk.test.lib.Asserts;
+import jdk.test.lib.SecurityTools;
+import jdk.test.lib.process.OutputAnalyzer;
+
+import java.io.File;
+import java.security.KeyStore;
+
+/**
+ * @test
+ * @bug 8172975
+ * @summary SecurityTools.keytool() needs to accept user input
+ * @library /test/lib
+ */
+
+public class ImportPrompt {
+
+    private static final String COMMON =
+            "-storetype jks -storepass changeit -keypass changeit -debug";
+
+    public static void main(String[] args) throws Throwable {
+
+        kt("-keystore ks1 -genkeypair -alias a -dname CN=A");
+        kt("-keystore ks1 -exportcert -alias a -file a.cert");
+
+        // Just create a keystore
+        kt("-keystore ks2 -genkeypair -alias b -dname CN=B");
+
+        // no response text, assume no
+        kt("-keystore ks2 -importcert -alias a -file a.cert");
+        Asserts.assertFalse(hasA());
+
+        // no reply is no
+        SecurityTools.setResponse("no");
+        kt("-keystore ks2 -importcert -alias a -file a.cert");
+        Asserts.assertFalse(hasA());
+
+        // explicit yes
+        SecurityTools.setResponse("yes");
+        kt("-keystore ks2 -importcert -alias a -file a.cert");
+        Asserts.assertTrue(hasA());
+
+        // remove it
+        kt("-keystore ks2 -delete -alias a");
+        Asserts.assertFalse(hasA());
+
+        // the previous "yes" will not be remembered
+        kt("-keystore ks2 -importcert -alias a -file a.cert");
+        Asserts.assertFalse(hasA());
+
+        // add with -noprompt
+        SecurityTools.setResponse("");
+        kt("-keystore ks2 -importcert -alias a -file a.cert -noprompt");
+        Asserts.assertTrue(hasA());
+    }
+
+    private static OutputAnalyzer kt(String cmd) throws Throwable {
+        return SecurityTools.keytool(COMMON + " " + cmd)
+                .shouldHaveExitValue(0);
+    }
+
+    private static boolean hasA() throws Exception {
+        return KeyStore.getInstance(new File("ks2"), "changeit".toCharArray())
+                .containsAlias("a");
+    }
+}

--- a/jdk/test/sun/security/tools/keytool/ReadJar.java	Fri Jan 20 14:13:11 2017 -0500
+++ b/jdk/test/sun/security/tools/keytool/ReadJar.java	Sat Jan 21 08:38:51 2017 +0800
@@ -57,16 +57,15 @@
         System.out.println(out.getOutput());
         out.shouldHaveExitValue(0);
 
-        out = SecurityTools.jarsigner("test_rsa.jar", "rsa_alias",
-                "-keystore keystore -storepass password ");
+        out = SecurityTools.jarsigner("-keystore keystore -storepass password "
+                + "test_rsa.jar rsa_alias");
         System.out.println(out.getOutput());
         out.shouldHaveExitValue(0);
 
         printCert("test_rsa.jar");
 
-        out = SecurityTools.jarsigner("test_md5.jar", "rsa_alias",
-                "-keystore keystore -storepass password "
-                        + "-sigalg MD5withRSA -digestalg MD5");
+        out = SecurityTools.jarsigner("-keystore keystore -storepass password "
+                + "-sigalg MD5withRSA -digestalg MD5 test_md5.jar rsa_alias");
         System.out.println(out.getOutput());
         out.shouldHaveExitValue(0);