infernap12/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2026-03-15 18:33:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

8214024: Remove the default keytool -keyalg value

Browse Source 
Reviewed-by: mullan
This commit is contained in:
Weijun Wang 2019-11-15 09:06:58 +08:00
parent ddc8f8e757
commit c0d097eac6
24 changed files with 146 additions and 143 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/java.base/share/classes/sun/security/tools/keytool/Main.java
View File

@ -1151,17 +1151,15 @@ public final class Main {
}
} else if (command == GENKEYPAIR) {
if (keyAlgName == null) {
keyAlgName = "DSA";
weakWarnings.add(String.format(rb.getString(
"keyalg.option.1.missing.warning"), keyAlgName));
throw new Exception(rb.getString(
"keyalg.option.missing.error"));
}
doGenKeyPair(alias, dname, keyAlgName, keysize, groupName, sigAlgName);
kssave = true;
} else if (command == GENSECKEY) {
if (keyAlgName == null) {
keyAlgName = "DES";
weakWarnings.add(String.format(rb.getString(
"keyalg.option.1.missing.warning"), keyAlgName));
throw new Exception(rb.getString(
"keyalg.option.missing.error"));
}
doGenSecretKey(alias, keyAlgName, keysize);
kssave = true;

2
src/java.base/share/classes/sun/security/tools/keytool/Resources.java
View File

@ -474,7 +474,7 @@ public class Resources extends java.util.ListResourceBundle {
{"migrate.keystore.warning", "Migrated \"%1$s\" to %4$s. The %2$s keystore is backed up as \"%3$s\"."},
{"backup.keystore.warning", "The original keystore \"%1$s\" is backed up as \"%3$s\"..."},
{"importing.keystore.status", "Importing keystore %1$s to %2$s..."},
{"keyalg.option.1.missing.warning", "No -keyalg option. The default key algorithm (%s) is a legacy algorithm and is no longer recommended. In a subsequent release of the JDK, the default will be removed and the -keyalg option must be specified."},
{"keyalg.option.missing.error", "The -keyalg option must be specified."},
{"showinfo.no.option", "Missing option for -showinfo. Try \"keytool -showinfo -tls\"."},
};

2
test/hotspot/jtreg/runtime/cds/appcds/JarBuilder.java
View File

@ -232,7 +232,7 @@ public class JarBuilder {
executeProcess(keyTool,
"-genkey", "-keystore", "./keystore", "-alias", "mykey",
"-storepass", "abc123", "-keypass", "abc123",
"-storepass", "abc123", "-keypass", "abc123", "-keyalg", "dsa",
"-dname", "CN=jvmtest")
.shouldHaveExitValue(0);

3
test/jdk/java/security/Policy/ExtensiblePolicy/ExtensiblePolicyWithJarTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -69,6 +69,7 @@ public class ExtensiblePolicyWithJarTest {
// create key pair for jar signing
ProcessTools.executeCommand(KEYTOOL,
"-genkey",
"-keyalg", "DSA",
"-alias", ALIAS,
"-keystore", KEYSTORE,
"-storetype", "JKS",

4
test/jdk/java/security/Policy/SignedJar/SignedJarTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -66,6 +66,7 @@ public class SignedJarTest {
//Creating first key , keystore both.jks
ProcessTools.executeCommand(KEYTOOL,
"-genkey",
"-keyalg", "DSA",
"-alias", "first",
"-keystore", KEYSTORE1,
"-keypass", PASSWORD,
@ -76,6 +77,7 @@ public class SignedJarTest {
//Creating Second key, keystore both.jks
ProcessTools.executeCommand(KEYTOOL,
"-genkey",
"-keyalg", "DSA",
// "-storetype","JKS",
"-alias", "second",
"-keystore", KEYSTORE1,

4
test/jdk/sun/security/pkcs12/PBES2Encoding.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -35,7 +35,7 @@ public class PBES2Encoding {
// This is a PKCS 12 file using PBES2 to encrypt the cert and key. It is
// generated with these commands:
//
// keytool -keystore ks -genkeypair -storepass changeit -alias a -dname CN=A
// keytool -keystore ks -genkeypair -keyalg DSA -storepass changeit -alias a -dname CN=A
// openssl pkcs12 -in ks -nodes -out kandc -passin pass:changeit
// openssl pkcs12 -export -in kandc -out p12 -name a -passout pass:changeit
// -certpbe AES-128-CBC -keypbe AES-128-CBC

18
test/jdk/sun/security/pkcs12/ParamsTest.java
View File

@ -114,7 +114,8 @@ public class ParamsTest {
check("ksnormal", "a", "wrongpass", "-", IOException.class, "-", "-");
// Add a new entry with password-less settings, still has a storepass
keytool("-keystore ksnormal -genkeypair -storepass changeit -alias b -dname CN=b "
keytool("-keystore ksnormal -genkeypair -keyalg DSA "
+ "-storepass changeit -alias b -dname CN=b "
+ "-J-Dkeystore.pkcs12.certProtectionAlgorithm=NONE "
+ "-J-Dkeystore.pkcs12.macAlgorithm=NONE");
data = Files.readAllBytes(Path.of("ksnormal"));
@ -146,7 +147,8 @@ public class ParamsTest {
check("ksnopass", "a", "wrongpass", "changeit", true, true, true);
// Add a new entry with normal settings, still password-less
keytool("-keystore ksnopass -genkeypair -storepass changeit -alias b -dname CN=B");
keytool("-keystore ksnopass -genkeypair -keyalg DSA "
+ "-storepass changeit -alias b -dname CN=B");
data = Files.readAllBytes(Path.of("ksnopass"));
shouldNotExist(data, "2"); // no Mac
checkAlg(data, "110c010c01000", pbeWithSHA1AndRC4_128_oid);
@ -171,13 +173,15 @@ public class ParamsTest {
checkInt(data, "110c1101111", 6666); // cert ic
// keypbe alg cannot be NONE
keytool("-keystore ksnewic -genkeypair -storepass changeit -alias b -dname CN=B "
keytool("-keystore ksnewic -genkeypair -keyalg DSA "
+ "-storepass changeit -alias b -dname CN=B "
+ "-J-Dkeystore.pkcs12.keyProtectionAlgorithm=NONE")
.shouldContain("NONE AlgorithmParameters not available")
.shouldHaveExitValue(1);
// new entry new keypbe alg (and default ic), else unchanged
keytool("-keystore ksnewic -genkeypair -storepass changeit -alias b -dname CN=B "
keytool("-keystore ksnewic -genkeypair -keyalg DSA "
+ "-storepass changeit -alias b -dname CN=B "
+ "-J-Dkeystore.pkcs12.keyProtectionAlgorithm=PBEWithSHA1AndRC4_128");
data = Files.readAllBytes(Path.of("ksnewic"));
checkInt(data, "22", 5555); // Mac ic
@ -336,7 +340,8 @@ public class ParamsTest {
// still prompt for keypass for genkeypair and certreq
SecurityTools.setResponse("changeit", "changeit");
keytool("-keystore ksnopassnew -genkeypair -alias a -dname CN=A "
keytool("-keystore ksnopassnew -genkeypair -keyalg DSA "
+ "-alias a -dname CN=A "
+ "-J-Dkeystore.pkcs12.certProtectionAlgorithm=NONE "
+ "-J-Dkeystore.pkcs12.macAlgorithm=NONE")
.shouldNotContain("Enter keystore password:")
@ -351,7 +356,8 @@ public class ParamsTest {
// params only read on demand
// keyPbeIterationCount is used by -genkeypair
keytool("-keystore ksgenbadkeyic -genkeypair -alias a -dname CN=A "
keytool("-keystore ksgenbadkeyic -genkeypair -keyalg DSA "
+ "-alias a -dname CN=A "
+ "-storepass changeit "
+ "-J-Dkeystore.pkcs12.keyPbeIterationCount=abc")
.shouldContain("keyPbeIterationCount is not a number: abc")

2
test/jdk/sun/security/pkcs12/SameDN.java
View File

@ -55,7 +55,7 @@ public class SameDN {
}
static void genkeypair(String alias, String dn) throws Exception {
keytool(COMMON + "-genkeypair -alias " + alias + " -dname " + dn)
keytool(COMMON + "-genkeypair -keyalg DSA -alias " + alias + " -dname " + dn)
.shouldHaveExitValue(0);
}

4
test/jdk/sun/security/tools/jarsigner/AltProvider.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -69,7 +69,7 @@ public class AltProvider {
MOD_SRC_DIR.toString());
// Create a keystore
tool("keytool", "-keystore x.jks -storetype jks -genkeypair" +
tool("keytool", "-keystore x.jks -storetype jks -genkeypair -keyalg dsa" +
" -storepass changeit -keypass changeit -alias x -dname CN=X")
.shouldHaveExitValue(0);

6
test/jdk/sun/security/tools/jarsigner/JavaKeyStoreAliasCaseInsensitive.java
View File

@ -50,7 +50,7 @@ public class JavaKeyStoreAliasCaseInsensitive {
public void testAliasCase() throws Exception {
final String KEYSTORE_OPTIONS = "-storetype JKS -keystore "
+ "test-alias-case.jks -storepass changeit";
SecurityTools.keytool(KEYSTORE_OPTIONS + " -genkeypair"
SecurityTools.keytool(KEYSTORE_OPTIONS + " -genkeypair -keyalg DSA"
+ " -keypass changeit -alias " + ALIAS + " -dname CN=" + ALIAS)
.shouldHaveExitValue(0);
String jarFilename = "test-alias-case.jar";
@ -88,10 +88,10 @@ public class JavaKeyStoreAliasCaseInsensitive {
// signed by another certificate associated with ALIAS + "1".
final String KEYSTORE_OPTIONS = "-storetype JKS -keystore"
+ " test-alias-storeHash-case.jks -storepass changeit";
SecurityTools.keytool(KEYSTORE_OPTIONS + " -genkeypair"
SecurityTools.keytool(KEYSTORE_OPTIONS + " -genkeypair -keyalg DSA"
+ " -keypass changeit -alias " + ALIAS + "1 -dname CN=" +
ALIAS + "1").shouldHaveExitValue(0);
SecurityTools.keytool(KEYSTORE_OPTIONS + " -genkeypair"
SecurityTools.keytool(KEYSTORE_OPTIONS + " -genkeypair -keyalg DSA"
+ " -keypass changeit -alias " + ALIAS + "2 -dname CN="
+ ALIAS + "2").shouldHaveExitValue(0);
String certReq = SecurityTools.keytool(KEYSTORE_OPTIONS +

3
test/jdk/sun/security/tools/jarsigner/LineBrokenMultiByteCharacter.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2017, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -77,6 +77,7 @@ public class LineBrokenMultiByteCharacter {
static void prepare() throws Exception {
SecurityTools.keytool("-keystore", keystoreFileName, "-genkeypair",
"-keyalg", "dsa",
"-storepass", "changeit", "-keypass", "changeit", "-storetype",
"JKS", "-alias", alias, "-dname", "CN=X", "-validity", "366")
.shouldHaveExitValue(0);

3
test/jdk/sun/security/tools/jarsigner/multiRelease/MVJarSigningTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -152,6 +152,7 @@ public class MVJarSigningTest {
"-J-Duser.language=en",
"-J-Duser.country=US",
"-genkey",
"-keyalg", "dsa",
"-alias", ALIAS,
"-keystore", KEYSTORE,
"-keypass", KEYPASS,

8
test/jdk/sun/security/tools/keytool/DupImport.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -51,9 +51,9 @@ public class DupImport {
Files.deleteIfExists(Paths.get("dup.ks"));
// Create chain: root -> int -> me
run("-genkeypair -alias me -dname CN=Me");
run("-genkeypair -alias int -dname CN=Int");
run("-genkeypair -alias root -dname CN=Root");
run("-genkeypair -keyalg DSA -alias me -dname CN=Me");
run("-genkeypair -keyalg DSA -alias int -dname CN=Int");
run("-genkeypair -keyalg DSA -alias root -dname CN=Root");
run("-certreq -alias int -file int.req");
run("-gencert -infile int.req -alias root -rfc -outfile int.resp");

4
test/jdk/sun/security/tools/keytool/HasSrcStoretypeOption.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -33,7 +33,7 @@ import sun.security.tools.keytool.Main;
public class HasSrcStoretypeOption {
public static void main(String[] args) throws Exception {
run("-genkeypair -alias a -dname CN=A -storetype jceks -keystore jce");
run("-genkeypair -keyalg DSA -alias a -dname CN=A -storetype jceks -keystore jce");
// When there is no -srcstoretype, it should be probed from the file
run("-importkeystore -srckeystore jce -destkeystore jks -deststoretype jks");
}

6
test/jdk/sun/security/tools/keytool/ImportPrompt.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -50,11 +50,11 @@ public class ImportPrompt {
public static void main(String[] args) throws Throwable {
kt("-keystore ks1 -genkeypair -alias a -dname CN=A");
kt("-keystore ks1 -genkeypair -keyalg DSA -alias a -dname CN=A");
kt("-keystore ks1 -exportcert -alias a -file a.cert");
// Just create a keystore
kt("-keystore ks2 -genkeypair -alias b -dname CN=B");
kt("-keystore ks2 -genkeypair -keyalg DSA -alias b -dname CN=B");
// no response text, assume no
kt("-keystore ks2 -importcert -alias a -file a.cert");

23
test/jdk/sun/security/tools/keytool/KeyAlg.java
View File

@ -23,7 +23,7 @@
/*
* @test
* @bug 8029659
* @bug 8029659 8214179
* @summary Keytool, print key algorithm of certificate or key entry
* @library /test/lib
*/
@ -33,22 +33,25 @@ import jdk.test.lib.process.OutputAnalyzer;
public class KeyAlg {
public static void main(String[] args) throws Exception {
keytool("-genkeypair -alias ca -dname CN=CA -keyalg EC")
.shouldHaveExitValue(0);
keytool("-genkeypair -alias user -dname CN=User -keyalg RSA -keysize 1024")
.shouldHaveExitValue(0);
keytool("-certreq -alias user -file user.req").shouldHaveExitValue(0);
keytool("-genkeypair -alias ca -dname CN=CA -keyalg EC");
keytool("-genkeypair -alias user -dname CN=User -keyalg RSA -keysize 1024");
keytool("-certreq -alias user -file user.req");
keytool("-gencert -alias ca -rfc -sigalg SHA1withECDSA"
+ " -infile user.req -outfile user.crt")
.shouldHaveExitValue(0);
+ " -infile user.req -outfile user.crt");
keytool("-printcert -file user.crt")
.shouldHaveExitValue(0)
.shouldMatch("Signature algorithm name:.*SHA1withECDSA")
.shouldMatch("Subject Public Key Algorithm:.*1024.*RSA");
keytool("-genkeypair -alias e -dname CN=e -keyalg EC -groupname brainpoolP256r1")
.shouldContain("Generating 256 bit EC (brainpoolP256r1) key pair");
keytool("-genkeypair -alias f -dname CN=f -keyalg EC")
.shouldContain("Generating 256 bit EC (secp256r1) key pair");
keytool("-genkeypair -alias g -dname CN=g -keyalg EC -keysize 384")
.shouldContain("Generating 384 bit EC (secp384r1) key pair");
}
static OutputAnalyzer keytool(String s) throws Exception {
return SecurityTools.keytool(
"-keystore ks -storepass changeit -keypass changeit " + s);
"-keystore ks -storepass changeit -keypass changeit " + s)
.shouldHaveExitValue(0);
}
}

117
test/jdk/sun/security/tools/keytool/KeyToolTest.java
View File

@ -197,7 +197,7 @@ public class KeyToolTest {
// jarsigner and keytool algorithm for DSA keys". Unfortunately
// SunPKCS11-NSS does not support SHA256withDSA yet.
if (cmd.contains("p11-nss.txt") && cmd.contains("-genkey")
&& !cmd.contains("-keyalg")) {
&& cmd.contains("DSA")) {
cmd += " -sigalg SHA1withDSA -keysize 1024";
}
test(input, cmd);
@ -352,7 +352,7 @@ public class KeyToolTest {
remove("x.jks");
remove("x.jks.p1.cert");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -alias p1 -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -alias p1 -dname CN=olala");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-exportcert -alias p1 -file x.jks.p1.cert");
ks = loadStore("x.jks", "changeit", "JKS");
@ -377,7 +377,7 @@ public class KeyToolTest {
// changealias and keyclone
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -alias p1 -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -alias p1 -dname CN=olala");
testOK("changeit\n", "-keystore x.jks -storetype JKS " +
"-changealias -alias p1 -destalias p11");
testOK("changeit\n", "-keystore x.jks -storetype JKS " +
@ -396,10 +396,10 @@ public class KeyToolTest {
remove("x.jceks");
// DES, no need keysize
testOK("changeit\nchangeit\n\n", "-keystore x.jceks -storetype JCEKS " +
"-genseckey -alias s1");
"-genseckey -keyalg DES -alias s1");
// DES, keysize cannot be 128
testFail("changeit\n\n", "-keystore x.jceks -storetype JCEKS " +
"-genseckey -alias s11 -keysize 128");
"-genseckey -keyalg DES -alias s11 -keysize 128");
// DESede. no need keysize
testOK("changeit\n\n", "-keystore x.jceks -storetype JCEKS " +
"-genseckey -keyalg DESede -alias s2");
@ -411,19 +411,20 @@ public class KeyToolTest {
// about keypass
// can accept storepass
testOK("\n", "-keystore x.jceks -storetype JCEKS -storepass changeit " +
"-genseckey -alias s4");
"-genseckey -keyalg DES -alias s4");
// or a new one
testOK("keypass\nkeypass\n", "-keystore x.jceks -storetype JCEKS " +
"-storepass changeit -genseckey -alias s5");
"-storepass changeit -genseckey -keyalg DES -alias s5");
// keypass must be valid (prompt 3 times)
testOK("bad\n\bad\nkeypass\nkeypass\n", "-keystore x.jceks " +
"-storetype JCEKS -storepass changeit -genseckey -alias s6");
"-storetype JCEKS -storepass changeit -genseckey " +
"-keyalg DES -alias s6");
// keypass must be valid (prompt 3 times)
testFail("bad\n\bad\nbad\n", "-keystore x.jceks -storetype JCEKS " +
"-storepass changeit -genseckey -alias s7");
"-storepass changeit -genseckey -keyalg DES -alias s7");
// keypass must be valid (prompt 3 times)
testFail("bad\n\bad\nbad\nkeypass\n", "-keystore x.jceks " +
"-storetype JCEKS -storepass changeit -genseckey -alias s7");
"-storetype JCEKS -storepass changeit -genseckey -keyalg DES -alias s7");
ks = loadStore("x.jceks", "changeit", "JCEKS");
assertTrue(ks.getKey("s1", "changeit".toCharArray())
.getAlgorithm().equalsIgnoreCase("DES"), "s1 is DES");
@ -452,7 +453,7 @@ public class KeyToolTest {
remove("x.jceks");
// create 2 entries...
testOK("changeit\nchangeit\n\n", "-keystore x.jceks -storetype JCEKS " +
"-genkeypair -alias p1 -dname CN=Olala");
"-genkeypair -keyalg DSA -alias p1 -dname CN=Olala");
testOK("", "-keystore x.jceks -storetype JCEKS -storepass changeit " +
"-importcert -alias c1 -file x.jks.p1.cert -noprompt");
ks = loadStore("x.jceks", "changeit", "JCEKS");
@ -532,7 +533,7 @@ public class KeyToolTest {
remove("x.jks");
// generate entry with different keypass
testOK("changeit\nkeypass\nkeypass\n", "-keystore x.jceks " +
"-storetype JCEKS -genkeypair -alias p2 -dname CN=Olala");
"-storetype JCEKS -genkeypair -keyalg DSA -alias p2 -dname CN=Olala");
// prompt
testOK("changeit\nchangeit\nchangeit\nkeypass\n", "-importkeystore " +
"-srckeystore x.jceks -srcstoretype JCEKS " +
@ -581,10 +582,10 @@ public class KeyToolTest {
remove("x.jks");
// create SecretKeyEntry
testOK("changeit\n\n", "-keystore x.jceks -storetype JCEKS " +
"-genseckey -alias s1");
"-genseckey -keyalg DES -alias s1");
// create SecretKeyEntry
testOK("changeit\n\n", "-keystore x.jceks -storetype JCEKS " +
"-genseckey -alias s2");
"-genseckey -keyalg DES -alias s2");
// remove the keypass!=storepass one
testOK("changeit\n", "-keystore x.jceks -storetype JCEKS " +
"-delete -alias p2");
@ -629,13 +630,13 @@ public class KeyToolTest {
remove("x.jks");
// just type ENTER means keypass=storepass
testOK("changeit\nchangeit\n\n", "-keystore x.jks -storetype JKS " +
"-genkeypair -alias p1 -dname CN=olala");
"-genkeypair -keyalg DSA -alias p1 -dname CN=olala");
remove("x.p12");
// PKCS12 only need storepass
testOK("", "-keystore x.p12 -storetype PKCS12 -storepass changeit " +
"-genkeypair -alias p0 -dname CN=olala");
"-genkeypair -keyalg DSA -alias p0 -dname CN=olala");
testOK("changeit\n", "-keystore x.p12 -storetype PKCS12 " +
"-genkeypair -alias p1 -dname CN=olala");
"-genkeypair -keyalg DSA -alias p1 -dname CN=olala");
// when specify keypass, make sure keypass==storepass...
testOK("changeit\n", "-keystore x.p12 -keypass changeit " +
"-storetype PKCS12 -genkeypair -keyalg DSA -alias p3 -dname CN=olala");
@ -658,9 +659,9 @@ public class KeyToolTest {
remove("x.p12");
// PKCS12 only need storepass
testOK("", "-keystore x.p12 -storetype PKCS12 -storepass changeit " +
"-genkeypair -alias p0 -dname CN=olala");
"-genkeypair -keyalg DSA -alias p0 -dname CN=olala");
testOK("", "-storepass changeit -keystore x.p12 -storetype PKCS12 " +
"-genkeypair -alias p1 -dname CN=olala");
"-genkeypair -keyalg DSA -alias p1 -dname CN=olala");
// when specify keypass, make sure keypass==storepass...
testOK("", "-storepass changeit -keystore x.p12 -keypass changeit " +
"-storetype PKCS12 -genkeypair -keyalg DSA -alias p3 -dname CN=olala");
@ -696,14 +697,14 @@ public class KeyToolTest {
"BEFORE THIS TEST ***");
testOK("", p11Arg +
"-storepass test12 -genkeypair -alias p1 -dname CN=olala");
testOK("test12\n", p11Arg + "-genkeypair -alias p2 -dname CN=olala2");
"-storepass test12 -genkeypair -keyalg DSA -alias p1 -dname CN=olala");
testOK("test12\n", p11Arg + "-genkeypair -keyalg DSA -alias p2 -dname CN=olala2");
// cannot provide keypass for PKCS11
testFail("test12\n", p11Arg +
"-keypass test12 -genkeypair -alias p3 -dname CN=olala3");
"-keypass test12 -genkeypair -keyalg DSA -alias p3 -dname CN=olala3");
// cannot provide keypass for PKCS11
testFail("test12\n", p11Arg +
"-keypass nonsense -genkeypair -alias p3 -dname CN=olala3");
"-keypass nonsense -genkeypair -keyalg DSA -alias p3 -dname CN=olala3");
testOK("", p11Arg + "-storepass test12 -list");
assertTrue(out.indexOf("Your keystore contains 2 entries") != -1,
@ -738,8 +739,8 @@ public class KeyToolTest {
KeyStore ks;
testOK("", p11Arg +
"-storepass test12 -genkeypair -alias p1 -dname CN=olala");
testOK("test12\n", p11Arg + "-genkeypair -alias p2 -dname CN=olala2");
"-storepass test12 -genkeypair -keyalg DSA -alias p1 -dname CN=olala");
testOK("test12\n", p11Arg + "-genkeypair -keyalg DSA -alias p2 -dname CN=olala2");
// test importkeystore for pkcs11
remove("x.jks");
@ -809,7 +810,7 @@ public class KeyToolTest {
KeyStore ks;
remove("x.jks");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-exportcert -file x.jks.p1.cert");
/* deleted */ testOK("", "-keystore x.jks -storetype JKS " +
@ -842,7 +843,7 @@ public class KeyToolTest {
void sqeKeyclonetest() throws Exception {
remove("x.jks");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
// new pass
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -new newpass -keyclone -dest p0");
@ -871,7 +872,7 @@ public class KeyToolTest {
void sqeKeypasswdTest() throws Exception {
remove("x.jks");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -keypasswd -new newpass");
/*change back*/ testOK("", "-keystore x.jks -storetype JKS " +
@ -909,7 +910,7 @@ public class KeyToolTest {
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-delete -alias mykey");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass keypass -genkeypair -dname CN=olala");
"-keypass keypass -genkeypair -keyalg DSA -dname CN=olala");
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypasswd -new newpass");
testOK("keypass\n", "-keystore x.jks -storetype JKS " +
@ -922,7 +923,7 @@ public class KeyToolTest {
void sqeListTest() throws Exception {
remove("x.jks");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit -list");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-list -alias mykey");
@ -948,7 +949,7 @@ public class KeyToolTest {
void sqeSelfCertTest() throws Exception {
remove("x.jks");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit -selfcert");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -selfcert");
@ -974,7 +975,7 @@ public class KeyToolTest {
// diff pass
remove("x.jks");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass keypass -genkeypair -dname CN=olala");
"-keypass keypass -genkeypair -keyalg DSA -dname CN=olala");
testFail("", "-keystore x.jks -storetype JKS " +
"-storepass changeit -selfcert");
testOK("keypass\n", "-keystore x.jks -storetype JKS " +
@ -995,7 +996,7 @@ public class KeyToolTest {
void sqeStorepassTest() throws Exception {
remove("x.jks");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
// all in arg
testOK("", "-storepasswd -keystore x.jks -storetype JKS " +
"-storepass changeit -new newstore");
@ -1044,13 +1045,13 @@ public class KeyToolTest {
remove("x.jks");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala -alias newentry");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -alias newentry");
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala -alias newentry");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -alias newentry");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala -keyalg DSA " +
"-alias n1");
@ -1061,19 +1062,19 @@ public class KeyToolTest {
"-keypass changeit -genkeypair -dname CN=olala " +
"-keyalg NoSuchAlg -alias n3");
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala -keysize 56 " +
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 56 " +
"-alias n4");
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala -keysize 999 " +
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 999 " +
"-alias n5");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala -keysize 512 " +
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 512 " +
"-alias n6");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala -keysize 1024 " +
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 1024 " +
"-alias n7");
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala " +
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala " +
"-sigalg NoSuchAlg -alias n8");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " +
@ -1088,12 +1089,12 @@ public class KeyToolTest {
"-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " +
"-sigalg NoSuchAlg -alias n12");
testFail("", "-keystore badkeystore -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala " +
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala " +
"-alias n14");
testFail("", "-keystore x.jks -storetype JKS -storepass badpass " +
"-keypass changeit -genkeypair -dname CN=olala -alias n16");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -alias n16");
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CNN=olala -alias n17");
"-keypass changeit -genkeypair -keyalg DSA -dname CNN=olala -alias n17");
remove("x.jks");
}
@ -1103,7 +1104,7 @@ public class KeyToolTest {
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-export -file mykey.cert -alias mykey");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-export -file mykey.cert -alias mykey");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
@ -1131,11 +1132,11 @@ public class KeyToolTest {
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-delete -alias mykey");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-delete -alias mykey");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
// keystore name illegal
testFail("", "-keystore aa\\bb//cc\\dd -storepass changeit " +
"-delete -alias mykey");
@ -1157,7 +1158,7 @@ public class KeyToolTest {
remove("csr1");
// PrivateKeyEntry can do certreq
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala -keysize 1024");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 1024");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-certreq -file csr1 -alias mykey");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
@ -1221,7 +1222,7 @@ public class KeyToolTest {
remove("mykey.cert");
remove("myweakkey.cert");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-export -file mykey.cert -alias mykey");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
@ -1264,7 +1265,7 @@ public class KeyToolTest {
remove("x.jks");
String simple = "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -noprompt -keyalg " + keyAlg + " ";
String pre = simple + "-genkeypair -dname CN=Olala -alias ";
String pre = simple + "-genkeypair -keyalg DSA -dname CN=Olala -alias ";
// Version and SKID
testOK("", pre + "o1");
@ -1678,30 +1679,30 @@ public class KeyToolTest {
remove("x.jks");
testOK("", "-help");
// 2. keytool -genkey -v -keysize 512 Enter "a" for the keystore
// 2. keytool -genkey -keyalg DSA -v -keysize 512 Enter "a" for the keystore
// password. Check error (password too short). Enter "password" for
// the keystore password. Hit 'return' for "first and last name",
// "organizational unit", "City", "State", and "Country Code".
// Type "yes" when they ask you if everything is correct.
// Type 'return' for new key password.
testOK("a\npassword\npassword\nMe\nHere\nNow\nPlace\nPlace\nUS\nyes\n\n",
"-genkey -v -keysize 512 -keystore x.jks -storetype JKS");
"-genkey -keyalg DSA -v -keysize 512 -keystore x.jks -storetype JKS");
// 3. keytool -list -v -storepass password
testOK("", "-list -v -storepass password -keystore x.jks -storetype JKS");
// 4. keytool -list -v Type "a" for the keystore password.
// Check error (wrong keystore password).
testFail("a\n", "-list -v -keystore x.jks -storetype JKS");
assertTrue(ex.indexOf("password was incorrect") != -1);
// 5. keytool -genkey -v -keysize 512 Enter "password" as the password.
// 5. keytool - -keyalg DSA -v -keysize 512 Enter "password" as the password.
// Check error (alias 'mykey' already exists).
testFail("password\n", "-genkey -v -keysize 512" +
testFail("password\n", "-genkey -keyalg DSA -v -keysize 512" +
" -keystore x.jks -storetype JKS");
assertTrue(ex.indexOf("alias <mykey> already exists") != -1);
// 6. keytool -genkey -v -keysize 512 -alias mykey2 -storepass password
// 6. keytool -genkey -keyalg DSA -v -keysize 512 -alias mykey2 -storepass password
// Hit 'return' for "first and last name", "organizational unit", "City",
// "State", and "Country Code". Type "yes" when they ask you if
// everything is correct. Type 'return' for new key password.
testOK("\n\n\n\n\n\nyes\n\n", "-genkey -v -keysize 512 -alias mykey2" +
testOK("\n\n\n\n\n\nyes\n\n", "-genkey -keyalg DSA -v -keysize 512 -alias mykey2" +
" -storepass password -keystore x.jks -storetype JKS");
// 7. keytool -list -v Type 'password' for the store password.
testOK("password\n", "-list -v -keystore x.jks -storetype JKS");
@ -1810,7 +1811,7 @@ public class KeyToolTest {
void sszzTest() throws Exception {
testAnyway("", NSS_P11_ARG+"-delete -alias nss -storepass test12");
testAnyway("", NZZ_P11_ARG+"-delete -alias nss -storepass test12");
testOK("", NSS_P11_ARG+"-genkeypair -dname CN=NSS " +
testOK("", NSS_P11_ARG+"-genkeypair -keyalg DSA -dname CN=NSS " +
"-alias nss -storepass test12");
testOK("", NSS_SRC_P11_ARG + NZZ_P11_ARG +
"-importkeystore -srcstorepass test12 -deststorepass test12");

10
test/jdk/sun/security/tools/keytool/PKCS12Passwd.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -49,11 +49,11 @@ public class PKCS12Passwd {
public static void main(String[] args) throws Exception {
// A PrivateKeyEntry
kt("-genkeypair -alias a -dname CN=A")
kt("-genkeypair -alias a -dname CN=A -keyalg DSA")
.shouldHaveExitValue(0);
// A TrustedCertificateEntry (genkeypair, export, delete, import)
kt("-genkeypair -alias b -dname CN=B")
kt("-genkeypair -alias b -dname CN=B -keyalg DSA")
.shouldHaveExitValue(0);
kt("-exportcert -alias b -file b.cert")
.shouldHaveExitValue(0);
@ -90,7 +90,7 @@ public class PKCS12Passwd {
// A PKCS12 keystore can be loaded as a JKS, and it follows JKS rules
// which means the storepass and keypass can be changed separately!
ktFull("-genkeypair -alias a -dname CN=A -storetype pkcs12 "
ktFull("-genkeypair -alias a -dname CN=A -storetype pkcs12 -keyalg DSA "
+ "-storepass changeit -keypass changeit -keystore p12")
.shouldHaveExitValue(0);
@ -112,7 +112,7 @@ public class PKCS12Passwd {
// PKCS12 rules that both passwords are changed at the same time and
// some commands are rejected.
ktFull("-genkeypair -alias a -dname CN=A -storetype jks "
ktFull("-genkeypair -alias a -dname CN=A -storetype jks -keyalg DSA "
+ "-storepass changeit -keypass changeit -keystore jks")
.shouldHaveExitValue(0);

4
test/jdk/sun/security/tools/keytool/ProbingFailure.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -53,7 +53,7 @@ public class ProbingFailure {
public static void main(String[] args) throws Exception {
// genkeypair
kt("-genkeypair -keystore mks -alias a -dname CN=A -storetype MYKS")
kt("-genkeypair -keystore mks -alias a -dname CN=A -keyalg DSA -storetype MYKS")
.shouldHaveExitValue(0);
// list

6
test/jdk/sun/security/tools/keytool/RealType.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -45,7 +45,7 @@ public class RealType {
public static void main(String[] args) throws Throwable {
kt("-genkeypair -alias a -dname CN=A -keypass changeit -storetype jks")
kt("-genkeypair -keyalg DSA -alias a -dname CN=A -keypass changeit -storetype jks")
.shouldHaveExitValue(0);
// -keypasswd command should be allowed on JKS
@ -54,7 +54,7 @@ public class RealType {
Files.delete(Paths.get("ks"));
kt("-genkeypair -alias a -dname CN=A -keypass changeit -storetype pkcs12")
kt("-genkeypair -keyalg DSA -alias a -dname CN=A -keypass changeit -storetype pkcs12")
.shouldHaveExitValue(0);
// A pkcs12 keystore cannot be loaded as a JCEKS keystore

26
test/jdk/sun/security/tools/keytool/DeprecateKeyalg.java → test/jdk/sun/security/tools/keytool/RemoveKeyAlgDefault.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,12 +26,12 @@ import jdk.test.lib.process.OutputAnalyzer;
/**
* @test
* @bug 8212003 8214179
* @bug 8212003 8214024
* @summary Deprecating the default keytool -keyalg option
* @library /test/lib
*/
public class DeprecateKeyalg {
public class RemoveKeyAlgDefault {
private static final String COMMON = "-keystore ks -storetype jceks "
+ "-storepass changeit -keypass changeit";
@ -39,35 +39,25 @@ public class DeprecateKeyalg {
public static void main(String[] args) throws Throwable {
kt("-genkeypair -keyalg DSA -alias a -dname CN=A")
.shouldHaveExitValue(0)
.shouldContain("Generating")
.shouldNotContain("-keyalg option must be specified");
kt("-genkeypair -alias b -dname CN=B")
.shouldContain("Generating")
.shouldContain("default key algorithm (DSA)")
.shouldHaveExitValue(1)
.shouldContain("-keyalg option must be specified");
kt("-genseckey -keyalg DES -alias c")
.shouldHaveExitValue(0)
.shouldContain("Generated")
.shouldNotContain("-keyalg option must be specified");
kt("-genseckey -alias d")
.shouldContain("Generated")
.shouldContain("default key algorithm (DES)")
.shouldHaveExitValue(1)
.shouldContain("-keyalg option must be specified");
kt("-genkeypair -alias e -dname CN=e -keyalg EC -groupname brainpoolP256r1")
.shouldContain("Generating 256 bit EC (brainpoolP256r1) key pair");
kt("-genkeypair -alias f -dname CN=f -keyalg EC")
.shouldContain("Generating 256 bit EC (secp256r1) key pair");
kt("-genkeypair -alias g -dname CN=g -keyalg EC -keysize 384")
.shouldContain("Generating 384 bit EC (secp384r1) key pair");
}
private static OutputAnalyzer kt(String cmd) throws Throwable {
return SecurityTools.keytool(COMMON + " " + cmd)
.shouldHaveExitValue(0);
return SecurityTools.keytool(COMMON + " " + cmd);
}
}

6
test/jdk/sun/security/tools/keytool/WeakAlg.java
View File

@ -178,7 +178,7 @@ public class WeakAlg {
// no warning if all certs
kt("-importcert -alias b -file a.crt -storetype jks -noprompt")
.shouldNotContain("Warning:");
kt("-genkeypair -alias a -dname CN=A")
kt("-genkeypair -keyalg DSA -alias a -dname CN=A")
.shouldContain("JKS keystore uses a proprietary format");
kt("-list")
.shouldContain("JKS keystore uses a proprietary format");
@ -202,7 +202,7 @@ public class WeakAlg {
rm("ks");
kt("-genkeypair -alias a -dname CN=A -storetype jceks")
kt("-genkeypair -keyalg DSA -alias a -dname CN=A -storetype jceks")
.shouldContain("JCEKS keystore uses a proprietary format");
kt("-list")
.shouldContain("JCEKS keystore uses a proprietary format");
@ -239,7 +239,7 @@ public class WeakAlg {
static void checkInplaceImportKeyStore() throws Exception {
rm("ks");
genkeypair("a", "");
genkeypair("a", "-keyalg DSA");
// Same type backup
importkeystore("ks", "ks", "")

12
test/jdk/sun/security/tools/keytool/console.sh
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2006, 2014, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2006, 2019, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@ -75,7 +75,7 @@ echo "Test #1: 5->6, non-prompt. Please type <R>"
echo "=========================================="
echo
rm $KS 2> /dev/null
$J5/bin/keytool -keystore $KS -genkey -dname CN=olala -storepass $PASSW || exit 1
$J5/bin/keytool -keystore $KS -genkey -keyalg DSA -dname CN=olala -storepass $PASSW || exit 1
$JM/bin/keytool -keystore $KS -list -storepass $PASSW || exit 2
echo "=========================================="
@ -84,7 +84,7 @@ echo "=========================================="
echo
rm $KS 2> /dev/null
$JM/bin/keytool -keystore $KS -genkey -dname CN=olala -storepass $PASSW || exit 3
$JM/bin/keytool -keystore $KS -genkey -keyalg DSA -dname CN=olala -storepass $PASSW || exit 3
$J5/bin/keytool -keystore $KS -list -storepass $PASSW || exit 4
echo "============================================================"
@ -93,7 +93,7 @@ echo "============================================================"
echo
rm $KS 2> /dev/null
$J5/bin/keytool -keystore $KS -genkey -dname CN=olala || exit 5
$J5/bin/keytool -keystore $KS -genkey -keyalg DSA -dname CN=olala || exit 5
$JM/bin/keytool -keystore $KS -list || exit 6
echo $PASSW| $J5/bin/keytool -keystore $KS -list || exit 7
echo $PASSW| $JM/bin/keytool -keystore $KS -list || exit 8
@ -104,7 +104,7 @@ echo "======================================================================="
echo
rm $KS 2> /dev/null
$JM/bin/keytool -keystore $KS -genkey -dname CN=olala || exit 9
$JM/bin/keytool -keystore $KS -genkey -keyalg DSA -dname CN=olala || exit 9
$J5/bin/keytool -keystore $KS -list || exit 10
echo $PASSW| $JM/bin/keytool -keystore $KS -list || exit 11
echo $PASSW| $J5/bin/keytool -keystore $KS -list || exit 12
@ -115,7 +115,7 @@ echo "==========================================="
echo
rm $KS 2> /dev/null
echo $PASSW| $J5/bin/keytool -keystore $KS -genkey -dname CN=olala || exit 13
echo $PASSW| $J5/bin/keytool -keystore $KS -genkey -keyalg DSA -dname CN=olala || exit 13
$JM/bin/keytool -keystore $KS -list || exit 14
echo $PASSW| $J5/bin/keytool -keystore $KS -list || exit 15
echo $PASSW| $JM/bin/keytool -keystore $KS -list || exit 16

6
test/jdk/sun/security/tools/keytool/i18n.html
View File

@ -9,7 +9,7 @@ from keytool is correct (you can read everything in english fine).
If you are on a Windows platform, delete the .keystore file in
your home directory.
<li> keytool -help
<li> keytool -genkey -v -keysize 512
<li> keytool -genkey -keyalg DSA -v -keysize 512
Enter "a" for the keystore password. Check error (password too short).
Enter "password" for the keystore password.
Re-enter "password" to confirm.
@ -21,10 +21,10 @@ from keytool is correct (you can read everything in english fine).
<li> keytool -list -v
Type "a" for the keystore password.
Check error (wrong keystore password).
<li> keytool -genkey -v -keysize 512
<li> keytool -genkey -keyalg DSA -v -keysize 512
Enter "password" as the password.
Check error (alias 'mykey' already exists).
<li> keytool -genkey -v -keysize 512 -alias mykey2 -storepass password
<li> keytool -genkey -keyalg DSA -v -keysize 512 -alias mykey2 -storepass password
Hit 'return' for "first and last name", "organizational unit",
"organization", "City", "State", and "Country Code".
Type "yes" when they ask you if everything is correct.