8029659: Keytool, print key algorithm of certificate or key entry
Reviewed-by: xuelei
--- a/jdk/src/java.base/share/classes/sun/security/tools/keytool/Main.java Mon Oct 13 14:11:20 2014 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/tools/keytool/Main.java Tue Oct 14 10:07:44 2014 +0800
@@ -64,6 +64,7 @@
import javax.security.auth.x500.X500Principal;
import java.util.Base64;
+import sun.security.util.KeyUtil;
import sun.security.util.ObjectIdentifier;
import sun.security.pkcs10.PKCS10;
import sun.security.pkcs10.PKCS10Attribute;
@@ -1103,8 +1104,13 @@
doChangeKeyPasswd(alias);
kssave = true;
} else if (command == LIST) {
+ if (storePass == null
+ && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
+ printWarning();
+ }
+
if (alias != null) {
- doPrintEntry(alias, out, true);
+ doPrintEntry(alias, out);
} else {
doPrintEntries(out);
}
@@ -1765,15 +1771,9 @@
/**
* Prints a single keystore entry.
*/
- private void doPrintEntry(String alias, PrintStream out,
- boolean printWarning)
+ private void doPrintEntry(String alias, PrintStream out)
throws Exception
{
- if (storePass == null && printWarning
- && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
- printWarning();
- }
-
if (keyStore.containsAlias(alias) == false) {
MessageFormat form = new MessageFormat
(rb.getString("Alias.alias.does.not.exist"));
@@ -2090,13 +2090,6 @@
private void doPrintEntries(PrintStream out)
throws Exception
{
- if (storePass == null
- && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
- printWarning();
- } else {
- out.println();
- }
-
out.println(rb.getString("Keystore.type.") + keyStore.getType());
out.println(rb.getString("Keystore.provider.") +
keyStore.getProvider().getName());
@@ -2115,7 +2108,7 @@
for (Enumeration<String> e = keyStore.aliases();
e.hasMoreElements(); ) {
String alias = e.nextElement();
- doPrintEntry(alias, out, false);
+ doPrintEntry(alias, out);
if (verbose || rfc) {
out.println(rb.getString("NEWLINE"));
out.println(rb.getString
@@ -2922,6 +2915,7 @@
MessageFormat form = new MessageFormat
(rb.getString(".PATTERN.printX509Cert"));
+ PublicKey pkey = cert.getPublicKey();
Object[] source = {cert.getSubjectDN().toString(),
cert.getIssuerDN().toString(),
cert.getSerialNumber().toString(16),
@@ -2931,7 +2925,9 @@
getCertFingerPrint("SHA1", cert),
getCertFingerPrint("SHA-256", cert),
cert.getSigAlgName(),
- cert.getVersion()
+ pkey.getAlgorithm(),
+ KeyUtil.getKeySize(pkey),
+ cert.getVersion(),
};
out.println(form.format(source));
--- a/jdk/src/java.base/share/classes/sun/security/tools/keytool/Resources.java Mon Oct 13 14:11:20 2014 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/tools/keytool/Resources.java Tue Oct 14 10:07:44 2014 +0800
@@ -347,7 +347,7 @@
{".RETURN.if.same.as.for.otherAlias.",
"\t(RETURN if same as for <{0}>)"},
{".PATTERN.printX509Cert",
- "Owner: {0}\nIssuer: {1}\nSerial number: {2}\nValid from: {3} until: {4}\nCertificate fingerprints:\n\t MD5: {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Signature algorithm name: {8}\n\t Version: {9}"},
+ "Owner: {0}\nIssuer: {1}\nSerial number: {2}\nValid from: {3} until: {4}\nCertificate fingerprints:\n\t MD5: {5}\n\t SHA1: {6}\n\t SHA256: {7}\nSignature algorithm name: {8}\nSubject Public Key Algorithm: {9} ({10,number,#})\nVersion: {11}"},
{"What.is.your.first.and.last.name.",
"What is your first and last name?"},
{"What.is.the.name.of.your.organizational.unit.",
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/tools/keytool/keyalg.sh Tue Oct 14 10:07:44 2014 +0800
@@ -0,0 +1,47 @@
+#
+# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# @test
+# @bug 8029659
+# @summary Keytool, print key algorithm of certificate or key entry
+#
+
+if [ "${TESTJAVA}" = "" ] ; then
+ JAVAC_CMD=`which javac`
+ TESTJAVA=`dirname $JAVAC_CMD`/..
+fi
+
+KS=ks
+KEYTOOL="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS} -keystore ks -storepass changeit -keypass changeit"
+
+rm $KS 2> /dev/null
+
+$KEYTOOL -genkeypair -alias ca -dname CN=CA -keyalg EC || exit 1
+$KEYTOOL -genkeypair -alias user -dname CN=User -keyalg RSA -keysize 1024 || exit 2
+$KEYTOOL -certreq -alias user |
+ $KEYTOOL -gencert -alias ca -rfc -sigalg SHA1withECDSA |
+ $KEYTOOL -printcert > user.dump || exit 3
+
+cat user.dump | grep "Signature algorithm name:" | grep SHA1withECDSA || exit 4
+cat user.dump | grep "Subject Public Key Algorithm:" | grep RSA | grep 1024 || exit 5
+