infernap12/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2026-04-05 04:31:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

6324292: keytool -help is unhelpful

Browse Source 
Reviewed-by: xuelei, mullan
This commit is contained in:
Weijun Wang 2009-10-02 18:44:34 +08:00
parent bf7ffbe0c0
commit fcaded312e
3 changed files with 450 additions and 483 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

609
jdk/src/share/classes/sun/security/tools/KeyTool.java
View File

@ -76,6 +76,7 @@ import sun.security.util.DerValue;
import sun.security.x509.*;
import static java.security.KeyStore.*;
import static sun.security.tools.KeyTool.Command.*;
/**
* This tool manages keystores.
@ -92,7 +93,7 @@ import static java.security.KeyStore.*;
public final class KeyTool {
private boolean debug = false;
private int command = -1;
private Command command = null;
private String sigAlgName = null;
private String keyAlgName = null;
private boolean verbose = false;
@ -146,24 +147,132 @@ public final class KeyTool {
private List <String> v3ext = new ArrayList <String> ();
private static final int CERTREQ = 1;
private static final int CHANGEALIAS = 2;
private static final int DELETE = 3;
private static final int EXPORTCERT = 4;
private static final int GENKEYPAIR = 5;
private static final int GENSECKEY = 6;
// there is no HELP
private static final int IDENTITYDB = 7;
private static final int IMPORTCERT = 8;
private static final int IMPORTKEYSTORE = 9;
private static final int KEYCLONE = 10;
private static final int KEYPASSWD = 11;
private static final int LIST = 12;
private static final int PRINTCERT = 13;
private static final int SELFCERT = 14;
private static final int STOREPASSWD = 15;
private static final int GENCERT = 16;
private static final int PRINTCERTREQ = 17;
enum Command {
CERTREQ("Generates a certificate request",
"-alias", "-sigalg", "-file", "-keypass", "-keystore",
"-storepass", "-storetype", "-providername", "-providerclass",
"-providerarg", "-providerpath", "-v", "-protected"),
CHANGEALIAS("Changes an entry's alias",
"-alias", "-destalias", "-keypass", "-keystore", "-storepass",
"-storetype", "-providername", "-providerclass", "-providerarg",
"-providerpath", "-v", "-protected"),
DELETE("Deletes an entry",
"-alias", "-keystore", "-storepass", "-storetype",
"-providername", "-providerclass", "-providerarg",
"-providerpath", "-v", "-protected"),
EXPORTCERT("Exports certificate",
"-rfc", "-alias", "-file", "-keystore", "-storepass",
"-storetype", "-providername", "-providerclass", "-providerarg",
"-providerpath", "-v", "-protected"),
GENKEYPAIR("Generates a key pair",
"-alias", "-keyalg", "-keysize", "-sigalg", "-destalias",
"-startdate", "-ext", "-validity", "-keypass", "-keystore",
"-storepass", "-storetype", "-providername", "-providerclass",
"-providerarg", "-providerpath", "-v", "-protected"),
GENSECKEY("Generates a secret key",
"-alias", "-keypass", "-keyalg", "-keysize", "-keystore",
"-storepass", "-storetype", "-providername", "-providerclass",
"-providerarg", "-providerpath", "-v", "-protected"),
GENCERT("Generates certificate from a certificate request",
"-rfc", "-infile", "-outfile", "-alias", "-sigalg",
"-startdate", "-ext", "-validity", "-keypass", "-keystore",
"-storepass", "-storetype", "-providername", "-providerclass",
"-providerarg", "-providerpath", "-v", "-protected"),
IDENTITYDB("Imports entries from a JDK 1.1.x-style identity database",
"-file", "-storetype", "-keystore", "-storepass", "-providername",
"-providerclass", "-providerarg", "-providerpath", "-v"),
IMPORTCERT("Imports a certificate or a certificate chain",
"-noprompt", "-trustcacerts", "-protected", "-alias", "-file",
"-keypass", "-keystore", "-storepass", "-storetype",
"-providername", "-providerclass", "-providerarg",
"-providerpath", "-v"),
IMPORTKEYSTORE("Imports one or all entries from another keystore",
"-srckeystore", "-destkeystore", "-srcstoretype",
"-deststoretype", "-srcstorepass", "-deststorepass",
"-srcprotected", "-srcprovidername", "-destprovidername",
"-srcalias", "-destalias", "-srckeypass", "-destkeypass",
"-noprompt", "-providerclass", "-providerarg", "-providerpath",
"-v"),
KEYCLONE("Clones a key entry",
"-alias", "-destalias", "-keypass", "-new", "-storetype",
"-keystore", "-storepass", "-providername", "-providerclass",
"-providerarg", "-providerpath", "-v"),
KEYPASSWD("Changes the key password of an entry",
"-alias", "-keypass", "-new", "-keystore", "-storepass",
"-storetype", "-providername", "-providerclass", "-providerarg",
"-providerpath", "-v"),
LIST("Lists entries in a keystore",
"-rfc", "-alias", "-keystore", "-storepass", "-storetype",
"-providername", "-providerclass", "-providerarg",
"-providerpath", "-v", "-protected"),
PRINTCERT("Prints the content of a certificate",
"-rfc", "-file", "-sslserver", "-v"),
PRINTCERTREQ("Prints the content of a certificate request",
"-file", "-v"),
SELFCERT("Generates a self-signed certificate",
"-alias", "-sigalg", "-dname", "-startdate", "-validity", "-keypass",
"-storetype", "-keystore", "-storepass", "-providername",
"-providerclass", "-providerarg", "-providerpath", "-v"),
STOREPASSWD("Changes the store password of a keystore",
"-new", "-keystore", "-storepass", "-storetype", "-providername",
"-providerclass", "-providerarg", "-providerpath", "-v");
final String description;
final String[] options;
Command(String d, String... o) {
description = d;
options = o;
}
@Override
public String toString() {
return "-" + name().toLowerCase(Locale.ENGLISH);
}
};
private static String[][] options = {
// name, arg, description
{"-alias", "<alias>", "alias name of the entry to process"},
{"-destalias", "<destalias>", "destination alias"},
{"-destkeypass", "<arg>", "destination key password"},
{"-destkeystore", "<destkeystore>", "destination keystore name"},
{"-destprotected", null, "destination keystore password protected"},
{"-destprovidername", "<destprovidername>", "destination keystore provider name"},
{"-deststorepass", "<arg>", "destination keystore password"},
{"-deststoretype", "<deststoretype>", "destination keystore type"},
{"-dname", "<dname>", "distinguished name"},
{"-ext", "<value>", "X.509 extension"},
{"-file", "<filename>", "output file name"},
{"-file", "<filename>", "input file name"},
{"-infile", "<filename>", "input file name"},
{"-keyalg", "<keyalg>", "key algorithm name"},
{"-keypass", "<arg>", "key password"},
{"-keysize", "<keysize>", "key bit size"},
{"-keystore", "<keystore>", "keystore name"},
{"-new", "<arg>", "new password"},
{"-noprompt", null, "do not prompt"},
{"-outfile", "<filename>", "output file name"},
{"-protected", null, "password through protected mechanism"},
{"-providerarg", "<arg>", "provider argument"},
{"-providerclass", "<providerclass>", "provider class name"},
{"-providername", "<providername>", "provider name"},
{"-providerpath", "<pathlist>", "provider classpath"},
{"-rfc", null, "output in RFC style"},
{"-sigalg", "<sigalg>", "signature algorithm name"},
{"-srcalias", "<srcalias>", "source alias"},
{"-srckeypass", "<arg>", "source keystore password"},
{"-srckeystore", "<srckeystore>", "source keystore name"},
{"-srcprotected", null, "source keystore password protected"},
{"-srcprovidername", "<srcprovidername>", "source keystore provider name"},
{"-srcstorepass", "<arg>", "source keystore password"},
{"-srcstoretype", "<srcstoretype>", "source keystore type"},
{"-sslserver", "<server[:port]>", "SSL server host and port"},
{"-startdate", "<startdate>", "certificate validity start date/time"},
{"-storepass", "<arg>", "keystore password"},
{"-storetype", "<storetype>", "keystore type"},
{"-trustcacerts", null, "trust certificates from cacerts"},
{"-v", null, "verbose output"},
{"-validity", "<valDays>", "validity number of days"},
};
private static final Class[] PARAM_STRING = { String.class };
@ -192,7 +301,7 @@ public final class KeyTool {
private void run(String[] args, PrintStream out) throws Exception {
try {
parseArgs(args);
if (command != -1) {
if (command != null) {
doCommands(out);
}
} catch (Exception e) {
@ -224,59 +333,50 @@ public final class KeyTool {
*/
void parseArgs(String[] args) {
if (args.length == 0) {
usage();
return;
}
int i=0;
boolean help = args.length == 0;
for (i=0; (i < args.length) && args[i].startsWith("-"); i++) {
String flags = args[i];
// Check if the last option needs an arg
if (i == args.length - 1) {
for (String[] option: options) {
// Only options with an arg need to be checked
if (collator.compare(flags, option[0]) == 0) {
if (option[1] != null) errorNeedArgument(flags);
break;
}
}
}
/*
* command modes
*/
if (collator.compare(flags, "-certreq") == 0) {
command = CERTREQ;
} else if (collator.compare(flags, "-delete") == 0) {
command = DELETE;
} else if (collator.compare(flags, "-export") == 0 ||
collator.compare(flags, "-exportcert") == 0) {
boolean isCommand = false;
for (Command c: Command.values()) {
if (collator.compare(flags, c.toString()) == 0) {
command = c;
isCommand = true;
break;
}
}
if (isCommand) {
// already recognized as a command
} else if (collator.compare(flags, "-export") == 0) {
command = EXPORTCERT;
} else if (collator.compare(flags, "-genkey") == 0 ||
collator.compare(flags, "-genkeypair") == 0) {
} else if (collator.compare(flags, "-genkey") == 0) {
command = GENKEYPAIR;
} else if (collator.compare(flags, "-help") == 0) {
usage();
return;
} else if (collator.compare(flags, "-identitydb") == 0) { // obsolete
command = IDENTITYDB;
} else if (collator.compare(flags, "-import") == 0 ||
collator.compare(flags, "-importcert") == 0) {
} else if (collator.compare(flags, "-import") == 0) {
command = IMPORTCERT;
} else if (collator.compare(flags, "-keyclone") == 0) { // obsolete
command = KEYCLONE;
} else if (collator.compare(flags, "-changealias") == 0) {
command = CHANGEALIAS;
} else if (collator.compare(flags, "-keypasswd") == 0) {
command = KEYPASSWD;
} else if (collator.compare(flags, "-list") == 0) {
command = LIST;
} else if (collator.compare(flags, "-printcert") == 0) {
command = PRINTCERT;
} else if (collator.compare(flags, "-selfcert") == 0) { // obsolete
command = SELFCERT;
} else if (collator.compare(flags, "-storepasswd") == 0) {
command = STOREPASSWD;
} else if (collator.compare(flags, "-importkeystore") == 0) {
command = IMPORTKEYSTORE;
} else if (collator.compare(flags, "-genseckey") == 0) {
command = GENSECKEY;
} else if (collator.compare(flags, "-gencert") == 0) {
command = GENCERT;
} else if (collator.compare(flags, "-printcertreq") == 0) {
command = PRINTCERTREQ;
}
/*
* Help
*/
else if (collator.compare(flags, "-help") == 0) {
help = true;
}
/*
@ -284,101 +384,74 @@ public final class KeyTool {
*/
else if (collator.compare(flags, "-keystore") == 0 ||
collator.compare(flags, "-destkeystore") == 0) {
if (++i == args.length) errorNeedArgument(flags);
ksfname = args[i];
ksfname = args[++i];
} else if (collator.compare(flags, "-storepass") == 0 ||
collator.compare(flags, "-deststorepass") == 0) {
if (++i == args.length) errorNeedArgument(flags);
storePass = args[i].toCharArray();
storePass = args[++i].toCharArray();
passwords.add(storePass);
} else if (collator.compare(flags, "-storetype") == 0 ||
collator.compare(flags, "-deststoretype") == 0) {
if (++i == args.length) errorNeedArgument(flags);
storetype = args[i];
storetype = args[++i];
} else if (collator.compare(flags, "-srcstorepass") == 0) {
if (++i == args.length) errorNeedArgument(flags);
srcstorePass = args[i].toCharArray();
srcstorePass = args[++i].toCharArray();
passwords.add(srcstorePass);
} else if (collator.compare(flags, "-srcstoretype") == 0) {
if (++i == args.length) errorNeedArgument(flags);
srcstoretype = args[i];
srcstoretype = args[++i];
} else if (collator.compare(flags, "-srckeypass") == 0) {
if (++i == args.length) errorNeedArgument(flags);
srckeyPass = args[i].toCharArray();
srckeyPass = args[++i].toCharArray();
passwords.add(srckeyPass);
} else if (collator.compare(flags, "-srcprovidername") == 0) {
if (++i == args.length) errorNeedArgument(flags);
srcProviderName = args[i];
srcProviderName = args[++i];
} else if (collator.compare(flags, "-providername") == 0 ||
collator.compare(flags, "-destprovidername") == 0) {
if (++i == args.length) errorNeedArgument(flags);
providerName = args[i];
providerName = args[++i];
} else if (collator.compare(flags, "-providerpath") == 0) {
if (++i == args.length) errorNeedArgument(flags);
pathlist = args[i];
pathlist = args[++i];
} else if (collator.compare(flags, "-keypass") == 0) {
if (++i == args.length) errorNeedArgument(flags);
keyPass = args[i].toCharArray();
keyPass = args[++i].toCharArray();
passwords.add(keyPass);
} else if (collator.compare(flags, "-new") == 0) {
if (++i == args.length) errorNeedArgument(flags);
newPass = args[i].toCharArray();
newPass = args[++i].toCharArray();
passwords.add(newPass);
} else if (collator.compare(flags, "-destkeypass") == 0) {
if (++i == args.length) errorNeedArgument(flags);
destKeyPass = args[i].toCharArray();
destKeyPass = args[++i].toCharArray();
passwords.add(destKeyPass);
} else if (collator.compare(flags, "-alias") == 0 ||
collator.compare(flags, "-srcalias") == 0) {
if (++i == args.length) errorNeedArgument(flags);
alias = args[i];
alias = args[++i];
} else if (collator.compare(flags, "-dest") == 0 ||
collator.compare(flags, "-destalias") == 0) {
if (++i == args.length) errorNeedArgument(flags);
dest = args[i];
dest = args[++i];
} else if (collator.compare(flags, "-dname") == 0) {
if (++i == args.length) errorNeedArgument(flags);
dname = args[i];
dname = args[++i];
} else if (collator.compare(flags, "-keysize") == 0) {
if (++i == args.length) errorNeedArgument(flags);
keysize = Integer.parseInt(args[i]);
keysize = Integer.parseInt(args[++i]);
} else if (collator.compare(flags, "-keyalg") == 0) {
if (++i == args.length) errorNeedArgument(flags);
keyAlgName = args[i];
keyAlgName = args[++i];
} else if (collator.compare(flags, "-sigalg") == 0) {
if (++i == args.length) errorNeedArgument(flags);
sigAlgName = args[i];
sigAlgName = args[++i];
} else if (collator.compare(flags, "-startdate") == 0) {
if (++i == args.length) errorNeedArgument(flags);
startDate = args[i];
startDate = args[++i];
} else if (collator.compare(flags, "-validity") == 0) {
if (++i == args.length) errorNeedArgument(flags);
validity = Long.parseLong(args[i]);
validity = Long.parseLong(args[++i]);
} else if (collator.compare(flags, "-ext") == 0) {
if (++i == args.length) errorNeedArgument(flags);
v3ext.add(args[i]);
v3ext.add(args[++i]);
} else if (collator.compare(flags, "-file") == 0) {
if (++i == args.length) errorNeedArgument(flags);
filename = args[i];
filename = args[++i];
} else if (collator.compare(flags, "-infile") == 0) {
if (++i == args.length) errorNeedArgument(flags);
infilename = args[i];
infilename = args[++i];
} else if (collator.compare(flags, "-outfile") == 0) {
if (++i == args.length) errorNeedArgument(flags);
outfilename = args[i];
outfilename = args[++i];
} else if (collator.compare(flags, "-sslserver") == 0) {
if (++i == args.length) errorNeedArgument(flags);
sslserver = args[i];
sslserver = args[++i];
} else if (collator.compare(flags, "-srckeystore") == 0) {
if (++i == args.length) errorNeedArgument(flags);
srcksfname = args[i];
srcksfname = args[++i];
} else if ((collator.compare(flags, "-provider") == 0) ||
(collator.compare(flags, "-providerclass") == 0)) {
if (++i == args.length) errorNeedArgument(flags);
if (providers == null) {
providers = new HashSet<Pair <String, String>> (3);
}
String providerClass = args[i];
String providerClass = args[++i];
String providerArg = null;
if (args.length > (i+1)) {
@ -418,19 +491,24 @@ public final class KeyTool {
}
if (i<args.length) {
MessageFormat form = new MessageFormat
(rb.getString("Usage error, <arg> is not a legal command"));
Object[] source = {args[i]};
throw new RuntimeException(form.format(source));
System.err.println(rb.getString("Illegal option: ") + args[i]);
tinyHelp();
}
if (command == -1) {
System.err.println(rb.getString("Usage error: no command provided"));
tinyHelp();
if (command == null) {
if (help) {
usage();
} else {
System.err.println(rb.getString("Usage error: no command provided"));
tinyHelp();
}
} else if (help) {
usage();
command = null;
}
}
boolean isKeyStoreRelated(int cmd) {
boolean isKeyStoreRelated(Command cmd) {
return cmd != PRINTCERT && cmd != PRINTCERTREQ;
}
@ -2600,7 +2678,7 @@ public final class KeyTool {
do {
if (maxRetry-- < 0) {
throw new RuntimeException(rb.getString(
"Too may retries, program terminated"));
"Too many retries, program terminated"));
}
commonName = inputString(in,
rb.getString("What is your first and last name?"),
@ -3086,7 +3164,7 @@ public final class KeyTool {
do {
if (maxRetry-- < 0) {
throw new RuntimeException(rb.getString(
"Too may retries, program terminated"));
"Too many retries, program terminated"));
}
System.err.print(prompt);
System.err.flush();
@ -3258,7 +3336,8 @@ public final class KeyTool {
int nmatch = 0;
for (int i = 0; i<list.length; i++) {
String one = list[i];
if (one.toLowerCase().startsWith(s.toLowerCase())) {
if (one.toLowerCase(Locale.ENGLISH)
.startsWith(s.toLowerCase(Locale.ENGLISH))) {
match[nmatch++] = i;
} else {
StringBuffer sb = new StringBuffer();
@ -3368,9 +3447,9 @@ public final class KeyTool {
// Honoring requested extensions
if (reqex != null) {
for(String extstr: extstrs) {
if (extstr.toLowerCase().startsWith("honored=")) {
if (extstr.toLowerCase(Locale.ENGLISH).startsWith("honored=")) {
List<String> list = Arrays.asList(
extstr.toLowerCase().substring(8).split(","));
extstr.toLowerCase(Locale.ENGLISH).substring(8).split(","));
// First check existence of "all"
if (list.contains("all")) {
ext = reqex; // we know ext was null
@ -3687,227 +3766,69 @@ public final class KeyTool {
* Prints the usage of this tool.
*/
private void usage() {
System.err.println(rb.getString("keytool usage:\n"));
if (command != null) {
System.err.println("keytool " + command +
rb.getString(" [OPTION]..."));
System.err.println();
System.err.println(rb.getString(command.description));
System.err.println();
System.err.println(rb.getString("Options:"));
System.err.println();
System.err.println(rb.getString
("-certreq [-v] [-protected]"));
System.err.println(rb.getString
("\t [-alias <alias>] [-sigalg <sigalg>]"));
System.err.println(rb.getString
("\t [-dname <dname>]"));
System.err.println(rb.getString
("\t [-file <csr_file>] [-keypass <keypass>]"));
System.err.println(rb.getString
("\t [-keystore <keystore>] [-storepass <storepass>]"));
System.err.println(rb.getString
("\t [-storetype <storetype>] [-providername <name>]"));
System.err.println(rb.getString
("\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."));
System.err.println(rb.getString
("\t [-providerpath <pathlist>]"));
System.err.println();
// Left and right sides of the options list
String[] left = new String[command.options.length];
String[] right = new String[command.options.length];
System.err.println(rb.getString
("-changealias [-v] [-protected] -alias <alias> -destalias <destalias>"));
System.err.println(rb.getString
("\t [-keypass <keypass>]"));
System.err.println(rb.getString
("\t [-keystore <keystore>] [-storepass <storepass>]"));
System.err.println(rb.getString
("\t [-storetype <storetype>] [-providername <name>]"));
System.err.println(rb.getString
("\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."));
System.err.println(rb.getString
("\t [-providerpath <pathlist>]"));
System.err.println();
// Check if there's an unknown option
boolean found = false;
System.err.println(rb.getString
("-delete [-v] [-protected] -alias <alias>"));
System.err.println(rb.getString
("\t [-keystore <keystore>] [-storepass <storepass>]"));
System.err.println(rb.getString
("\t [-storetype <storetype>] [-providername <name>]"));
System.err.println(rb.getString
("\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."));
System.err.println(rb.getString
("\t [-providerpath <pathlist>]"));
System.err.println();
System.err.println(rb.getString
("-exportcert [-v] [-rfc] [-protected]"));
System.err.println(rb.getString
("\t [-alias <alias>] [-file <cert_file>]"));
System.err.println(rb.getString
("\t [-keystore <keystore>] [-storepass <storepass>]"));
System.err.println(rb.getString
("\t [-storetype <storetype>] [-providername <name>]"));
System.err.println(rb.getString
("\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."));
System.err.println(rb.getString
("\t [-providerpath <pathlist>]"));
System.err.println();
System.err.println(rb.getString
("-genkeypair [-v] [-protected]"));
System.err.println(rb.getString
("\t [-alias <alias>]"));
System.err.println(rb.getString
("\t [-keyalg <keyalg>] [-keysize <keysize>]"));
System.err.println(rb.getString
("\t [-sigalg <sigalg>] [-dname <dname>]"));
System.err.println(rb.getString
("\t [-startdate <startdate>]"));
System.err.println(rb.getString
("\t [-ext <key>[:critical][=<value>]]..."));
System.err.println(rb.getString
("\t [-validity <valDays>] [-keypass <keypass>]"));
System.err.println(rb.getString
("\t [-keystore <keystore>] [-storepass <storepass>]"));
System.err.println(rb.getString
("\t [-storetype <storetype>] [-providername <name>]"));
System.err.println(rb.getString
("\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."));
System.err.println(rb.getString
("\t [-providerpath <pathlist>]"));
System.err.println();
System.err.println(rb.getString
("-gencert [-v] [-rfc] [-protected]"));
System.err.println(rb.getString
("\t [-infile <infile>] [-outfile <outfile>]"));
System.err.println(rb.getString
("\t [-alias <alias>]"));
System.err.println(rb.getString
("\t [-dname <dname>]"));
System.err.println(rb.getString
("\t [-sigalg <sigalg>]"));
System.err.println(rb.getString
("\t [-startdate <startdate>]"));
System.err.println(rb.getString
("\t [-ext <key>[:critical][=<value>]]..."));
System.err.println(rb.getString
("\t [-validity <valDays>] [-keypass <keypass>]"));
System.err.println(rb.getString
("\t [-keystore <keystore>] [-storepass <storepass>]"));
System.err.println(rb.getString
("\t [-storetype <storetype>] [-providername <name>]"));
System.err.println(rb.getString
("\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."));
System.err.println(rb.getString
("\t [-providerpath <pathlist>]"));
System.err.println();
System.err.println(rb.getString
("-genseckey [-v] [-protected]"));
System.err.println(rb.getString
("\t [-alias <alias>] [-keypass <keypass>]"));
System.err.println(rb.getString
("\t [-keyalg <keyalg>] [-keysize <keysize>]"));
System.err.println(rb.getString
("\t [-keystore <keystore>] [-storepass <storepass>]"));
System.err.println(rb.getString
("\t [-storetype <storetype>] [-providername <name>]"));
System.err.println(rb.getString
("\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."));
System.err.println(rb.getString
("\t [-providerpath <pathlist>]"));
System.err.println();
System.err.println(rb.getString("-help"));
System.err.println();
System.err.println(rb.getString
("-importcert [-v] [-noprompt] [-trustcacerts] [-protected]"));
System.err.println(rb.getString
("\t [-alias <alias>]"));
System.err.println(rb.getString
("\t [-file <cert_file>] [-keypass <keypass>]"));
System.err.println(rb.getString
("\t [-keystore <keystore>] [-storepass <storepass>]"));
System.err.println(rb.getString
("\t [-storetype <storetype>] [-providername <name>]"));
System.err.println(rb.getString
("\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."));
System.err.println(rb.getString
("\t [-providerpath <pathlist>]"));
System.err.println();
System.err.println(rb.getString
("-importkeystore [-v] "));
System.err.println(rb.getString
("\t [-srckeystore <srckeystore>] [-destkeystore <destkeystore>]"));
System.err.println(rb.getString
("\t [-srcstoretype <srcstoretype>] [-deststoretype <deststoretype>]"));
System.err.println(rb.getString
("\t [-srcstorepass <srcstorepass>] [-deststorepass <deststorepass>]"));
System.err.println(rb.getString
("\t [-srcprotected] [-destprotected]"));
System.err.println(rb.getString
("\t [-srcprovidername <srcprovidername>]\n\t [-destprovidername <destprovidername>]"));
System.err.println(rb.getString
("\t [-srcalias <srcalias> [-destalias <destalias>]"));
System.err.println(rb.getString
("\t [-srckeypass <srckeypass>] [-destkeypass <destkeypass>]]"));
System.err.println(rb.getString
("\t [-noprompt]"));
System.err.println(rb.getString
("\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."));
System.err.println(rb.getString
("\t [-providerpath <pathlist>]"));
System.err.println();
System.err.println(rb.getString
("-keypasswd [-v] [-alias <alias>]"));
System.err.println(rb.getString
("\t [-keypass <old_keypass>] [-new <new_keypass>]"));
System.err.println(rb.getString
("\t [-keystore <keystore>] [-storepass <storepass>]"));
System.err.println(rb.getString
("\t [-storetype <storetype>] [-providername <name>]"));
System.err.println(rb.getString
("\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."));
System.err.println(rb.getString
("\t [-providerpath <pathlist>]"));
System.err.println();
System.err.println(rb.getString
("-list [-v | -rfc] [-protected]"));
System.err.println(rb.getString
("\t [-alias <alias>]"));
System.err.println(rb.getString
("\t [-keystore <keystore>] [-storepass <storepass>]"));
System.err.println(rb.getString
("\t [-storetype <storetype>] [-providername <name>]"));
System.err.println(rb.getString
("\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."));
System.err.println(rb.getString
("\t [-providerpath <pathlist>]"));
System.err.println();
System.err.println(rb.getString
("-printcert [-v] [-rfc] [-file <cert_file> | -sslserver <host[:port]>]"));
System.err.println();
System.err.println(rb.getString
("-printcertreq [-v] [-file <cert_file>]"));
System.err.println();
System.err.println(rb.getString
("-storepasswd [-v] [-new <new_storepass>]"));
System.err.println(rb.getString
("\t [-keystore <keystore>] [-storepass <storepass>]"));
System.err.println(rb.getString
("\t [-storetype <storetype>] [-providername <name>]"));
System.err.println(rb.getString
("\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."));
System.err.println(rb.getString
("\t [-providerpath <pathlist>]"));
// Length of left side of options list
int lenLeft = 0;
for (int j=0; j<left.length; j++) {
for (String[] opt: options) {
if (collator.compare(opt[0], command.options[j]) == 0) {
left[j] = opt[0];
if (opt[1] != null) left[j] += " " + opt[1];
if (left[j].length() > lenLeft) {
lenLeft = left[j].length();
}
right[j] = rb.getString(opt[2]);
found = true;
break;
}
}
if (!found) {
throw new RuntimeException("ERROR: CANNOT FIND " + command.options[j]);
}
}
for (int j=0; j<left.length; j++) {
System.err.printf(" %-" + lenLeft + "s %s\n",
left[j], right[j]);
}
System.err.println();
System.err.println(rb.getString(
"Use \"keytool -help\" for all available commands"));
} else {
System.err.println(rb.getString(
"Key and Certificate Management Tool"));
System.err.println();
System.err.println(rb.getString("Commands:"));
System.err.println();
for (Command c: Command.values()) {
if (c != IDENTITYDB
&& c != KEYCLONE
&& c != SELFCERT) { // Deprecated commands
System.err.printf(" %-20s%s\n", c, rb.getString(c.description));
}
}
System.err.println();
System.err.println(rb.getString(
"Use \"keytool -command_name -help\" for usage of command_name"));
}
}
private void tinyHelp() {
System.err.println(rb.getString("Try keytool -help"));
// do not drown user with the help lines.
usage();
if (debug) {
throw new RuntimeException("NO BIG ERROR, SORRY");
} else {

271
jdk/src/share/classes/sun/security/util/Resources.java
View File

@ -46,18 +46,145 @@ public class Resources extends java.util.ListResourceBundle {
{"*******************************************\n\n",
"*******************************************\n\n"},
// keytool
// keytool: Help part
{" [OPTION]...", " [OPTION]..."},
{"Options:", "Options:"},
{"Use \"keytool -help\" for all available commands",
"Use \"keytool -help\" for all available commands"},
{"Key and Certificate Management Tool",
"Key and Certificate Management Tool"},
{"Commands:", "Commands:"},
{"Use \"keytool -command_name -help\" for usage of command_name",
"Use \"keytool -command_name -help\" for usage of command_name"},
// keytool: help: commands
{"Generates a certificate request",
"Generates a certificate request"}, //-certreq
{"Changes an entry's alias",
"Changes an entry's alias"}, //-changealias
{"Deletes an entry",
"Deletes an entry"}, //-delete
{"Exports certificate",
"Exports certificate"}, //-exportcert
{"Generates a key pair",
"Generates a key pair"}, //-genkeypair
{"Generates a secret key",
"Generates a secret key"}, //-genseckey
{"Generates certificate from a certificate request",
"Generates certificate from a certificate request"}, //-gencert
{"Imports entries from a JDK 1.1.x-style identity database",
"Imports entries from a JDK 1.1.x-style identity database"}, //-identitydb
{"Imports a certificate or a certificate chain",
"Imports a certificate or a certificate chain"}, //-importcert
{"Imports one or all entries from another keystore",
"Imports one or all entries from another keystore"}, //-importkeystore
{"Clones a key entry",
"Clones a key entry"}, //-keyclone
{"Changes the key password of an entry",
"Changes the key password of an entry"}, //-keypasswd
{"Lists entries in a keystore",
"Lists entries in a keystore"}, //-list
{"Prints the content of a certificate",
"Prints the content of a certificate"}, //-printcert
{"Prints the content of a certificate request",
"Prints the content of a certificate request"}, //-printcertreq
{"Generates a self-signed certificate",
"Generates a self-signed certificate"}, //-selfcert
{"Changes the store password of a keystore",
"Changes the store password of a keystore"}, //-storepasswd
// keytool: help: options
{"alias name of the entry to process",
"alias name of the entry to process"}, //-alias
{"destination alias",
"destination alias"}, //-destalias
{"destination key password",
"destination key password"}, //-destkeypass
{"destination keystore name",
"destination keystore name"}, //-destkeystore
{"destination keystore password protected",
"destination keystore password protected"}, //-destprotected
{"destination keystore provider name",
"destination keystore provider name"}, //-destprovidername
{"destination keystore password",
"destination keystore password"}, //-deststorepass
{"destination keystore type",
"destination keystore type"}, //-deststoretype
{"distinguished name",
"distinguished name"}, //-dname
{"X.509 extension",
"X.509 extension"}, //-ext
{"output file name",
"output file name"}, //-file
{"input file name",
"input file name"}, //-file
{"input file name",
"input file name"}, //-infile
{"key algorithm name",
"key algorithm name"}, //-keyalg
{"key password",
"key password"}, //-keypass
{"key bit size",
"key bit size"}, //-keysize
{"keystore name",
"keystore name"}, //-keystore
{"new password",
"new password"}, //-new
{"do not prompt",
"do not prompt"}, //-noprompt
{"output file name",
"output file name"}, //-outfile
{"password through protected mechanism",
"password through protected mechanism"}, //-protected
{"provider argument",
"provider argument"}, //-providerarg
{"provider class name",
"provider class name"}, //-providerclass
{"provider name",
"provider name"}, //-providername
{"provider classpath",
"provider classpath"}, //-providerpath
{"output in RFC style",
"output in RFC style"}, //-rfc
{"signature algorithm name",
"signature algorithm name"}, //-sigalg
{"source alias",
"source alias"}, //-srcalias
{"source keystore password",
"source keystore password"}, //-srckeypass
{"source keystore name",
"source keystore name"}, //-srckeystore
{"source keystore password protected",
"source keystore password protected"}, //-srcprotected
{"source keystore provider name",
"source keystore provider name"}, //-srcprovidername
{"source keystore password",
"source keystore password"}, //-srcstorepass
{"source keystore type",
"source keystore type"}, //-srcstoretype
{"SSL server host and port",
"SSL server host and port"}, //-sslserver
{"certificate validity start date/time",
"certificate validity start date/time"}, //-startdate
{"keystore password",
"keystore password"}, //-storepass
{"keystore type",
"keystore type"}, //-storetype
{"trust certificates from cacerts",
"trust certificates from cacerts"}, //-trustcacerts
{"verbose output",
"verbose output"}, //-v
{"validity number of days",
"validity number of days"}, //-validity
// keytool: Running part
{"keytool error: ", "keytool error: "},
{"Illegal option: ", "Illegal option: "},
{"Illegal value: ", "Illegal value: "},
{"Try keytool -help","Try keytool -help"},
{"Command option <flag> needs an argument.", "Command option {0} needs an argument."},
{"Warning: Different store and key passwords not supported for PKCS12 KeyStores. Ignoring user-specified <command> value.",
"Warning: Different store and key passwords not supported for PKCS12 KeyStores. Ignoring user-specified {0} value."},
{"-keystore must be NONE if -storetype is {0}",
"-keystore must be NONE if -storetype is {0}"},
{"Too may retries, program terminated",
"Too may retries, program terminated"},
{"Too many retries, program terminated",
"Too many retries, program terminated"},
{"-storepasswd and -keypasswd commands not supported if -storetype is {0}",
"-storepasswd and -keypasswd commands not supported if -storetype is {0}"},
{"-keypasswd commands not supported if -storetype is PKCS12",
@ -77,7 +204,6 @@ public class Resources extends java.util.ListResourceBundle {
"Validity must be greater than zero"},
{"provName not a provider", "{0} not a provider"},
{"Usage error: no command provided", "Usage error: no command provided"},
{"Usage error, <arg> is not a legal command", "Usage error, {0} is not a legal command"},
{"Source keystore file exists, but is empty: ", "Source keystore file exists, but is empty: "},
{"Please specify -srckeystore", "Please specify -srckeystore"},
{"Must not specify both -v and -rfc with 'list' command",
@ -279,7 +405,6 @@ public class Resources extends java.util.ListResourceBundle {
"Secret Key not generated, alias <{0}> already exists"},
{"Please provide -keysize for secret key generation",
"Please provide -keysize for secret key generation"},
{"keytool usage:\n", "keytool usage:\n"},
{"Extensions: ", "Extensions: "},
{"(Empty value)", "(Empty value)"},
@ -297,139 +422,6 @@ public class Resources extends java.util.ListResourceBundle {
{"Odd number of hex digits found: ", "Odd number of hex digits found: "},
{"command {0} is ambiguous:", "command {0} is ambiguous:"},
{"-certreq [-v] [-protected]",
"-certreq [-v] [-protected]"},
{"\t [-alias <alias>] [-sigalg <sigalg>]",
"\t [-alias <alias>] [-sigalg <sigalg>]"},
{"\t [-dname <dname>]", "\t [-dname <dname>]"},
{"\t [-file <csr_file>] [-keypass <keypass>]",
"\t [-file <csr_file>] [-keypass <keypass>]"},
{"\t [-keystore <keystore>] [-storepass <storepass>]",
"\t [-keystore <keystore>] [-storepass <storepass>]"},
{"\t [-storetype <storetype>] [-providername <name>]",
"\t [-storetype <storetype>] [-providername <name>]"},
{"\t [-providerclass <provider_class_name> [-providerarg <arg>]] ...",
"\t [-providerclass <provider_class_name> [-providerarg <arg>]] ..."},
{"\t [-providerpath <pathlist>]",
"\t [-providerpath <pathlist>]"},
{"-delete [-v] [-protected] -alias <alias>",
"-delete [-v] [-protected] -alias <alias>"},
/** rest is same as -certreq starting from -keystore **/
//{"-export [-v] [-rfc] [-protected]",
// "-export [-v] [-rfc] [-protected]"},
{"-exportcert [-v] [-rfc] [-protected]",
"-exportcert [-v] [-rfc] [-protected]"},
{"\t [-alias <alias>] [-file <cert_file>]",
"\t [-alias <alias>] [-file <cert_file>]"},
/** rest is same as -certreq starting from -keystore **/
//{"-genkey [-v] [-protected]",
// "-genkey [-v] [-protected]"},
{"-genkeypair [-v] [-protected]",
"-genkeypair [-v] [-protected]"},
{"\t [-alias <alias>]", "\t [-alias <alias>]"},
{"\t [-keyalg <keyalg>] [-keysize <keysize>]",
"\t [-keyalg <keyalg>] [-keysize <keysize>]"},
{"\t [-sigalg <sigalg>] [-dname <dname>]",
"\t [-sigalg <sigalg>] [-dname <dname>]"},
{"\t [-startdate <startdate>]",
"\t [-startdate <startdate>]"},
{"\t [-validity <valDays>] [-keypass <keypass>]",
"\t [-validity <valDays>] [-keypass <keypass>]"},
/** rest is same as -certreq starting from -keystore **/
{"-gencert [-v] [-rfc] [-protected]",
"-gencert [-v] [-rfc] [-protected]"},
{"\t [-infile <infile>] [-outfile <outfile>]",
"\t [-infile <infile>] [-outfile <outfile>]"},
{"\t [-sigalg <sigalg>]",
"\t [-sigalg <sigalg>]"},
{"\t [-ext <key>[:critical][=<value>]]...",
"\t [-ext <key>[:critical][=<value>]]..."},
{"-genseckey [-v] [-protected]",
"-genseckey [-v] [-protected]"},
/** rest is same as -certreq starting from -keystore **/
{"-help", "-help"},
//{"-identitydb [-v] [-protected]",
// "-identitydb [-v] [-protected]"},
//{"\t [-file <idb_file>]", "\t [-file <idb_file>]"},
/** rest is same as -certreq starting from -keystore **/
//{"-import [-v] [-noprompt] [-trustcacerts] [-protected]",
// "-import [-v] [-noprompt] [-trustcacerts] [-protected]"},
{"-importcert [-v] [-noprompt] [-trustcacerts] [-protected]",
"-importcert [-v] [-noprompt] [-trustcacerts] [-protected]"},
{"\t [-alias <alias>]", "\t [-alias <alias>]"},
{"\t [-alias <alias>] [-keypass <keypass>]",
"\t [-alias <alias>] [-keypass <keypass>]"},
{"\t [-file <cert_file>] [-keypass <keypass>]",
"\t [-file <cert_file>] [-keypass <keypass>]"},
/** rest is same as -certreq starting from -keystore **/
{"-importkeystore [-v] ",
"-importkeystore [-v] "},
{"\t [-srckeystore <srckeystore>] [-destkeystore <destkeystore>]",
"\t [-srckeystore <srckeystore>] [-destkeystore <destkeystore>]"},
{"\t [-srcstoretype <srcstoretype>] [-deststoretype <deststoretype>]",
"\t [-srcstoretype <srcstoretype>] [-deststoretype <deststoretype>]"},
{"\t [-srcprotected] [-destprotected]",
"\t [-srcprotected] [-destprotected]"},
{"\t [-srcstorepass <srcstorepass>] [-deststorepass <deststorepass>]",
"\t [-srcstorepass <srcstorepass>] [-deststorepass <deststorepass>]"},
{"\t [-srcprovidername <srcprovidername>]\n\t [-destprovidername <destprovidername>]", // line too long, split to 2
"\t [-srcprovidername <srcprovidername>]\n\t [-destprovidername <destprovidername>]"},
{"\t [-srcalias <srcalias> [-destalias <destalias>]",
"\t [-srcalias <srcalias> [-destalias <destalias>]"},
{"\t [-srckeypass <srckeypass>] [-destkeypass <destkeypass>]]",
"\t [-srckeypass <srckeypass>] [-destkeypass <destkeypass>]]"},
{"\t [-noprompt]", "\t [-noprompt]"},
/** rest is same as -certreq starting from -keystore **/
{"-changealias [-v] [-protected] -alias <alias> -destalias <destalias>",
"-changealias [-v] [-protected] -alias <alias> -destalias <destalias>"},
{"\t [-keypass <keypass>]", "\t [-keypass <keypass>]"},
//{"-keyclone [-v] [-protected]",
// "-keyclone [-v] [-protected]"},
//{"\t [-alias <alias>] -dest <dest_alias>",
// "\t [-alias <alias>] -dest <dest_alias>"},
//{"\t [-keypass <keypass>] [-new <new_keypass>]",
// "\t [-keypass <keypass>] [-new <new_keypass>]"},
/** rest is same as -certreq starting from -keystore **/
{"-keypasswd [-v] [-alias <alias>]",
"-keypasswd [-v] [-alias <alias>]"},
{"\t [-keypass <old_keypass>] [-new <new_keypass>]",
"\t [-keypass <old_keypass>] [-new <new_keypass>]"},
/** rest is same as -certreq starting from -keystore **/
{"-list [-v | -rfc] [-protected]",
"-list [-v | -rfc] [-protected]"},
{"\t [-alias <alias>]", "\t [-alias <alias>]"},
/** rest is same as -certreq starting from -keystore **/
{"-printcert [-v] [-rfc] [-file <cert_file> | -sslserver <host[:port]>]",
"-printcert [-v] [-rfc] [-file <cert_file> | -sslserver <host[:port]>]"},
{"-printcertreq [-v] [-file <cert_file>]",
"-printcertreq [-v] [-file <cert_file>]"},
{"No certificate from the SSL server",
"No certificate from the SSL server"},
//{"-selfcert [-v] [-protected]",
// "-selfcert [-v] [-protected]"},
{"\t [-alias <alias>]", "\t [-alias <alias>]"},
//{"\t [-dname <dname>] [-validity <valDays>]",
// "\t [-dname <dname>] [-validity <valDays>]"},
//{"\t [-keypass <keypass>] [-sigalg <sigalg>]",
// "\t [-keypass <keypass>] [-sigalg <sigalg>]"},
/** rest is same as -certreq starting from -keystore **/
{"-storepasswd [-v] [-new <new_storepass>]",
"-storepasswd [-v] [-new <new_storepass>]"},
/** rest is same as -certreq starting from -keystore **/
// policytool
{"Warning: A public key for alias 'signers[i]' does not exist. Make sure a KeyStore is properly configured.",
"Warning: A public key for alias {0} does not exist. Make sure a KeyStore is properly configured."},
@ -679,3 +671,4 @@ public class Resources extends java.util.ListResourceBundle {
return contents;
}
}

53
jdk/test/sun/security/tools/keytool/newhelp.sh Normal file
View File

@ -0,0 +1,53 @@
#
# Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
# CA 95054 USA or visit www.sun.com if you need additional information or
# have any questions.
#
# @test
# @bug 6324292
# @summary keytool -help is unhelpful
#
if [ "${TESTJAVA}" = "" ] ; then
JAVAC_CMD=`which javac`
TESTJAVA=`dirname $JAVAC_CMD`/..
fi
# set platform-dependent variables
OS=`uname -s`
case "$OS" in
Windows_* )
FS="\\"
;;
* )
FS="/"
;;
esac
LANG=C
$TESTJAVA${FS}bin${FS}keytool -help 2> h1 || exit 1
$TESTJAVA${FS}bin${FS}keytool -help -list 2> h2 || exit 2
grep Commands: h1 || exit 3
grep Options: h2 || exit 4
exit 0