changeset 12771:169e56b34a5e

8029659: Keytool, print key algorithm of certificate or key entry Reviewed-by: xuelei
author weijun
date Tue, 25 Jul 2017 13:02:03 +0100
parents 9ddd7155a71f
children 08ea7faa939f
files src/share/classes/sun/security/tools/keytool/Main.java src/share/classes/sun/security/tools/keytool/Resources.java test/sun/security/tools/keytool/keyalg.sh
diffstat 3 files changed, 62 insertions(+), 18 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/tools/keytool/Main.java	Tue Jul 25 14:18:04 2017 +0100
+++ b/src/share/classes/sun/security/tools/keytool/Main.java	Tue Jul 25 13:02:03 2017 +0100
@@ -64,6 +64,8 @@
 import java.security.cert.X509CRLSelector;
 import javax.security.auth.x500.X500Principal;
 import java.util.Base64;
+
+import sun.security.util.KeyUtil;
 import sun.security.util.ObjectIdentifier;
 import sun.security.pkcs10.PKCS10;
 import sun.security.pkcs10.PKCS10Attribute;
@@ -1061,8 +1063,13 @@
             doChangeKeyPasswd(alias);
             kssave = true;
         } else if (command == LIST) {
+            if (storePass == null
+                    && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
+                printWarning();
+            }
+
             if (alias != null) {
-                doPrintEntry(alias, out, true);
+                doPrintEntry(alias, out);
             } else {
                 doPrintEntries(out);
             }
@@ -1724,15 +1731,9 @@
     /**
      * Prints a single keystore entry.
      */
-    private void doPrintEntry(String alias, PrintStream out,
-                              boolean printWarning)
+    private void doPrintEntry(String alias, PrintStream out)
         throws Exception
     {
-        if (storePass == null && printWarning
-                && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
-            printWarning();
-        }
-
         if (keyStore.containsAlias(alias) == false) {
             MessageFormat form = new MessageFormat
                 (rb.getString("Alias.alias.does.not.exist"));
@@ -2049,13 +2050,6 @@
     private void doPrintEntries(PrintStream out)
         throws Exception
     {
-        if (storePass == null
-                && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
-            printWarning();
-        } else {
-            out.println();
-        }
-
         out.println(rb.getString("Keystore.type.") + keyStore.getType());
         out.println(rb.getString("Keystore.provider.") +
                 keyStore.getProvider().getName());
@@ -2074,7 +2068,7 @@
         for (Enumeration<String> e = keyStore.aliases();
                                         e.hasMoreElements(); ) {
             String alias = e.nextElement();
-            doPrintEntry(alias, out, false);
+            doPrintEntry(alias, out);
             if (verbose || rfc) {
                 out.println(rb.getString("NEWLINE"));
                 out.println(rb.getString
@@ -2881,6 +2875,7 @@
 
         MessageFormat form = new MessageFormat
                 (rb.getString(".PATTERN.printX509Cert"));
+        PublicKey pkey = cert.getPublicKey();
         Object[] source = {cert.getSubjectDN().toString(),
                         cert.getIssuerDN().toString(),
                         cert.getSerialNumber().toString(16),
@@ -2890,7 +2885,9 @@
                         getCertFingerPrint("SHA1", cert),
                         getCertFingerPrint("SHA-256", cert),
                         cert.getSigAlgName(),
-                        cert.getVersion()
+                        pkey.getAlgorithm(),
+                        KeyUtil.getKeySize(pkey),
+                        cert.getVersion(),
                         };
         out.println(form.format(source));
 
--- a/src/share/classes/sun/security/tools/keytool/Resources.java	Tue Jul 25 14:18:04 2017 +0100
+++ b/src/share/classes/sun/security/tools/keytool/Resources.java	Tue Jul 25 13:02:03 2017 +0100
@@ -346,7 +346,7 @@
         {".RETURN.if.same.as.for.otherAlias.",
                 "\t(RETURN if same as for <{0}>)"},
         {".PATTERN.printX509Cert",
-                "Owner: {0}\nIssuer: {1}\nSerial number: {2}\nValid from: {3} until: {4}\nCertificate fingerprints:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Signature algorithm name: {8}\n\t Version: {9}"},
+                "Owner: {0}\nIssuer: {1}\nSerial number: {2}\nValid from: {3} until: {4}\nCertificate fingerprints:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\nSignature algorithm name: {8}\nSubject Public Key Algorithm: {9} ({10,number,#})\nVersion: {11}"},
         {"What.is.your.first.and.last.name.",
                 "What is your first and last name?"},
         {"What.is.the.name.of.your.organizational.unit.",
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/tools/keytool/keyalg.sh	Tue Jul 25 13:02:03 2017 +0100
@@ -0,0 +1,47 @@
+#
+# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# @test
+# @bug 8029659
+# @summary Keytool, print key algorithm of certificate or key entry
+#
+
+if [ "${TESTJAVA}" = "" ] ; then
+  JAVAC_CMD=`which javac`
+  TESTJAVA=`dirname $JAVAC_CMD`/..
+fi
+
+KS=ks
+KEYTOOL="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS} -keystore ks -storepass changeit -keypass changeit"
+
+rm $KS 2> /dev/null
+
+$KEYTOOL -genkeypair -alias ca -dname CN=CA -keyalg EC || exit 1
+$KEYTOOL -genkeypair -alias user -dname CN=User -keyalg RSA -keysize 1024 || exit 2
+$KEYTOOL -certreq -alias user |
+        $KEYTOOL -gencert -alias ca -rfc -sigalg SHA1withECDSA |
+        $KEYTOOL -printcert > user.dump || exit 3
+
+cat user.dump | grep "Signature algorithm name:" | grep SHA1withECDSA || exit 4
+cat user.dump | grep "Subject Public Key Algorithm:" | grep RSA | grep 1024 || exit 5
+