changeset 17395:3327672f610d

8133910: Some sun/security/tools tests failed. Reviewed-by: xuelei
author weijun
date Thu, 11 Aug 2016 13:10:54 +0800
parents 28e938880be3
children 4b3a8f572544
files test/sun/security/tools/jarsigner/TimestampCheck.java test/sun/security/tools/jarsigner/TsacertOptionTest.java test/sun/security/tools/jarsigner/concise_jarsigner.sh test/sun/security/tools/jarsigner/default_options.sh test/sun/security/tools/jarsigner/warnings/AliasNotInStoreTest.java test/sun/security/tools/jarsigner/warnings/BadExtendedKeyUsageTest.java test/sun/security/tools/jarsigner/warnings/BadKeyUsageTest.java test/sun/security/tools/jarsigner/warnings/BadNetscapeCertTypeTest.java test/sun/security/tools/jarsigner/warnings/ChainNotValidatedTest.java test/sun/security/tools/jarsigner/warnings/HasExpiredCertTest.java test/sun/security/tools/jarsigner/warnings/HasExpiringCertTest.java test/sun/security/tools/jarsigner/warnings/HasUnsignedEntryTest.java test/sun/security/tools/jarsigner/warnings/MultipleWarningsTest.java test/sun/security/tools/jarsigner/warnings/NoTimestampTest.java test/sun/security/tools/jarsigner/warnings/NotSignedByAliasTest.java test/sun/security/tools/jarsigner/warnings/NotYetValidCertTest.java test/sun/security/tools/jarsigner/warnings/Test.java test/sun/security/tools/jarsigner/weaksize.sh test/sun/security/tools/keytool/default_options.sh test/sun/security/tools/keytool/file-in-help.sh test/sun/security/tools/keytool/keyalg.sh test/sun/security/tools/keytool/newhelp.sh
diffstat 22 files changed, 110 insertions(+), 102 deletions(-) [+]
line wrap: on
line diff
--- a/test/sun/security/tools/jarsigner/TimestampCheck.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/TimestampCheck.java	Thu Aug 11 13:10:54 2016 +0800
@@ -311,6 +311,7 @@
 
             cmd += " " + System.getProperty("test.tool.vm.opts")
                     + " -J-Djava.security.egd=file:/dev/./urandom"
+                    + " -J-Duser.language=en -J-Duser.country=US"
                     + " -debug -keystore " + TSKS + " -storepass changeit"
                     + " -tsa http://localhost:" + port + "/%d"
                     + " -signedjar new_%d.jar " + JAR + " old";
--- a/test/sun/security/tools/jarsigner/TsacertOptionTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/TsacertOptionTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -22,14 +22,13 @@
  */
 
 import jdk.testlibrary.OutputAnalyzer;
-import jdk.testlibrary.ProcessTools;
 import jdk.testlibrary.JarUtils;
 
 /**
  * @test
  * @bug 8024302 8026037
  * @summary The test signs and verifies a jar file with -tsacert option
- * @library /lib/testlibrary
+ * @library /lib/testlibrary warnings
  * @modules java.base/sun.security.pkcs
  *          java.base/sun.security.timestamp
  *          java.base/sun.security.util
@@ -37,29 +36,14 @@
  *          java.management
  * @run main TsacertOptionTest
  */
-public class TsacertOptionTest {
+public class TsacertOptionTest extends Test {
 
-    private static final String FS = System.getProperty("file.separator");
-    private static final String JAVA_HOME = System.getProperty("java.home");
-    private static final String KEYTOOL = JAVA_HOME + FS + "bin" + FS
-            + "keytool";
-    private static final String JARSIGNER = JAVA_HOME + FS + "bin" + FS
-            + "jarsigner";
-    private static final String UNSIGNED_JARFILE = "unsigned.jar";
-    private static final String SIGNED_JARFILE = "signed.jar";
     private static final String FILENAME = TsacertOptionTest.class.getName()
             + ".txt";
-    private static final String PASSWORD = "changeit";
-    private static final String KEYSTORE = "ks.jks";
-    private static final String CA_KEY_ALIAS = "ca";
     private static final String SIGNING_KEY_ALIAS = "sign_alias";
     private static final String TSA_KEY_ALIAS = "ts";
-    private static final String KEY_ALG = "RSA";
-    private static final int KEY_SIZE = 2048;
-    private static final int VALIDITY = 365;
-    private static final String WARNING = "Warning:";
-    private static final String JAR_SIGNED = "jar signed.";
-    private static final String JAR_VERIFIED = "jar verified.";
+
+    private static final String PASSWORD = "changeit";
 
     /**
      * The test signs and verifies a jar file with -tsacert option,
@@ -78,7 +62,7 @@
         JarUtils.createJar(UNSIGNED_JARFILE, FILENAME);
 
         // create key pair for jar signing
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", CA_KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -88,7 +72,7 @@
                 "-keypass", PASSWORD,
                 "-dname", "CN=CA",
                 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", SIGNING_KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -97,14 +81,14 @@
                 "-storepass", PASSWORD,
                 "-keypass", PASSWORD,
                 "-dname", "CN=Test").shouldHaveExitValue(0);
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-certreq",
                 "-alias", SIGNING_KEY_ALIAS,
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
                 "-keypass", PASSWORD,
                 "-file", "certreq").shouldHaveExitValue(0);
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-gencert",
                 "-alias", CA_KEY_ALIAS,
                 "-keystore", KEYSTORE,
@@ -113,7 +97,7 @@
                 "-validity", Integer.toString(VALIDITY),
                 "-infile", "certreq",
                 "-outfile", "cert").shouldHaveExitValue(0);
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-importcert",
                 "-alias", SIGNING_KEY_ALIAS,
                 "-keystore", KEYSTORE,
@@ -132,7 +116,7 @@
 
             // create key pair for TSA service
             // SubjectInfoAccess extension contains URL to TSA service
-            ProcessTools.executeCommand(KEYTOOL,
+            keytool(
                     "-genkey",
                     "-v",
                     "-alias", TSA_KEY_ALIAS,
@@ -152,7 +136,7 @@
             // sign jar file
             // specify -tsadigestalg option because
             // TSA server uses SHA-1 digest algorithm
-             OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+             OutputAnalyzer analyzer = jarsigner(
                     "-J-Dhttp.proxyHost=",
                     "-J-Dhttp.proxyPort=",
                     "-J-Djava.net.useSystemProxies=",
@@ -171,7 +155,7 @@
             analyzer.shouldContain(JAR_SIGNED);
 
             // verify signed jar
-            analyzer = ProcessTools.executeCommand(JARSIGNER,
+            analyzer = jarsigner(
                     "-verbose",
                     "-verify",
                     "-keystore", KEYSTORE,
--- a/test/sun/security/tools/jarsigner/concise_jarsigner.sh	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/concise_jarsigner.sh	Thu Aug 11 13:10:54 2016 +0800
@@ -47,6 +47,8 @@
 # Choose 1024-bit RSA to make sure it runs fine and fast on all platforms. In
 # fact, every keyalg/keysize combination is OK for this test.
 
+TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
+
 KS=js.ks
 KT="$TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -storepass changeit -keypass changeit -keystore $KS -keyalg rsa -keysize 1024"
 JAR="$TESTJAVA${FS}bin${FS}jar ${TESTTOOLVMOPTS}"
--- a/test/sun/security/tools/jarsigner/default_options.sh	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/default_options.sh	Thu Aug 11 13:10:54 2016 +0800
@@ -34,6 +34,8 @@
 PASS=changeit
 export PASS
 
+TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
+
 KS=ks
 KEYTOOL="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS} -storepass:env PASS -keypass:env PASS -keystore $KS"
 JAR="$TESTJAVA/bin/jar ${TESTTOOLVMOPTS}"
--- a/test/sun/security/tools/jarsigner/warnings/AliasNotInStoreTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/AliasNotInStoreTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -22,7 +22,6 @@
  */
 
 import jdk.testlibrary.OutputAnalyzer;
-import jdk.testlibrary.ProcessTools;
 import jdk.testlibrary.JarUtils;
 
 /**
@@ -51,7 +50,7 @@
         JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
 
         // create first key pair for signing
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", FIRST_KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -63,7 +62,7 @@
                 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
 
         // create second key pair for signing
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", SECOND_KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -75,7 +74,7 @@
                 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
 
         // sign jar with first key
-        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+        OutputAnalyzer analyzer = jarsigner(
                 "-keystore", BOTH_KEYS_KEYSTORE,
                 "-storepass", PASSWORD,
                 "-keypass", PASSWORD,
@@ -92,7 +91,7 @@
         JarUtils.updateJar(SIGNED_JARFILE, UPDATED_SIGNED_JARFILE, SECOND_FILE);
 
         // sign jar with second key
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-keystore", BOTH_KEYS_KEYSTORE,
                 "-storepass", PASSWORD,
                 "-keypass", PASSWORD,
@@ -102,7 +101,7 @@
         checkSigning(analyzer);
 
         // create keystore that contains only first key
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-importkeystore",
                 "-srckeystore", BOTH_KEYS_KEYSTORE,
                 "-srcalias", FIRST_KEY_ALIAS,
@@ -116,7 +115,7 @@
         // verify jar with keystore that contains only first key in strict mode,
         // so there is signed entry (FirstClass.class) that is not signed
         // by any alias in the keystore
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-keystore", FIRST_KEY_KEYSTORE,
@@ -128,7 +127,7 @@
                 ALIAS_NOT_IN_STORE_VERIFYING_WARNING);
 
         // verify jar with keystore that contains only first key in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-strict",
--- a/test/sun/security/tools/jarsigner/warnings/BadExtendedKeyUsageTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/BadExtendedKeyUsageTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -22,7 +22,6 @@
  */
 
 import jdk.testlibrary.OutputAnalyzer;
-import jdk.testlibrary.ProcessTools;
 import jdk.testlibrary.JarUtils;
 
 /**
@@ -52,7 +51,7 @@
 
         // create a certificate whose signer certificate's
         // ExtendedKeyUsage extension doesn't allow code signing
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -65,7 +64,7 @@
                 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
 
         // sign jar
-        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+        OutputAnalyzer analyzer = jarsigner(
                 "-verbose",
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
@@ -77,7 +76,7 @@
         checkSigning(analyzer, BAD_EXTENDED_KEY_USAGE_SIGNING_WARNING);
 
         // verify signed jar
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-keystore", KEYSTORE,
@@ -88,7 +87,7 @@
         checkVerifying(analyzer, 0, BAD_EXTENDED_KEY_USAGE_VERIFYING_WARNING);
 
         // verity signed jar in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-strict",
--- a/test/sun/security/tools/jarsigner/warnings/BadKeyUsageTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/BadKeyUsageTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -22,7 +22,6 @@
  */
 
 import jdk.testlibrary.OutputAnalyzer;
-import jdk.testlibrary.ProcessTools;
 import jdk.testlibrary.JarUtils;
 
 /**
@@ -53,7 +52,7 @@
 
         // create a certificate whose signer certificate's KeyUsage extension
         // doesn't allow code signing
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -66,7 +65,7 @@
                 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
 
         // sign jar
-        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+        OutputAnalyzer analyzer = jarsigner(
                 "-verbose",
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
@@ -78,7 +77,7 @@
         checkSigning(analyzer, BAD_KEY_USAGE_SIGNING_WARNING);
 
         // verify signed jar
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-keystore", KEYSTORE,
@@ -89,7 +88,7 @@
         checkVerifying(analyzer, 0, BAD_KEY_USAGE_VERIFYING_WARNING);
 
         // verify signed jar in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-strict",
--- a/test/sun/security/tools/jarsigner/warnings/BadNetscapeCertTypeTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/BadNetscapeCertTypeTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -22,7 +22,6 @@
  */
 
 import jdk.testlibrary.OutputAnalyzer;
-import jdk.testlibrary.ProcessTools;
 import jdk.testlibrary.JarUtils;
 
 import java.nio.file.Files;
@@ -67,7 +66,7 @@
         JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
 
         // sign jar
-        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+        OutputAnalyzer analyzer = jarsigner(
                 "-verbose",
                 "-keystore", NETSCAPE_KEYSTORE,
                 "-storepass", PASSWORD,
@@ -79,7 +78,7 @@
         checkSigning(analyzer, BAD_NETSCAPE_CERT_TYPE_SIGNING_WARNING);
 
         // verify signed jar
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-keystore", NETSCAPE_KEYSTORE,
@@ -90,7 +89,7 @@
         checkVerifying(analyzer, 0, BAD_NETSCAPE_CERT_TYPE_VERIFYING_WARNING);
 
         // verify signed jar in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-strict",
--- a/test/sun/security/tools/jarsigner/warnings/ChainNotValidatedTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/ChainNotValidatedTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -55,7 +55,7 @@
         // create self-signed certificate whose BasicConstraints extension
         // is set to false, so the certificate may not be used
         // as a parent certificate (certpath validation should fail)
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkeypair",
                 "-alias", CA_KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -70,7 +70,7 @@
         // create a certificate that is signed by self-signed certificate
         // despite of it may not be used as a parent certificate
         // (certpath validation should fail)
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkeypair",
                 "-alias", KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -82,7 +82,7 @@
                 "-ext", "BasicConstraints:critical=ca:false",
                 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
 
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-certreq",
                 "-alias", KEY_ALIAS,
                 "-keystore", KEYSTORE,
@@ -90,7 +90,7 @@
                 "-keypass", PASSWORD,
                 "-file", CERT_REQUEST_FILENAME).shouldHaveExitValue(0);
 
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-gencert",
                 "-alias", CA_KEY_ALIAS,
                 "-keystore", KEYSTORE,
@@ -100,7 +100,7 @@
                 "-validity", Integer.toString(VALIDITY),
                 "-outfile", CERT_FILENAME).shouldHaveExitValue(0);
 
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-importcert",
                 "-alias", KEY_ALIAS,
                 "-keystore", KEYSTORE,
@@ -129,7 +129,7 @@
         ProcessTools.executeCommand(pb).shouldHaveExitValue(0);
 
         // remove CA certificate
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-delete",
                 "-alias", CA_KEY_ALIAS,
                 "-keystore", KEYSTORE,
@@ -137,7 +137,7 @@
                 "-keypass", PASSWORD).shouldHaveExitValue(0);
 
         // sign jar
-        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+        OutputAnalyzer analyzer = jarsigner(
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
                 "-keypass", PASSWORD,
@@ -149,7 +149,7 @@
         checkSigning(analyzer, CHAIN_NOT_VALIDATED_SIGNING_WARNING);
 
         // verify signed jar
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-keystore", KEYSTORE,
@@ -161,7 +161,7 @@
         checkVerifying(analyzer, 0, CHAIN_NOT_VALIDATED_VERIFYING_WARNING);
 
         // verify signed jar in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-strict",
--- a/test/sun/security/tools/jarsigner/warnings/HasExpiredCertTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/HasExpiredCertTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -22,7 +22,6 @@
  */
 
 import jdk.testlibrary.OutputAnalyzer;
-import jdk.testlibrary.ProcessTools;
 import jdk.testlibrary.JarUtils;
 
 /**
@@ -52,7 +51,7 @@
         JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
 
         // create key pair for jar signing
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -66,7 +65,7 @@
                 .shouldHaveExitValue(0);
 
         // sign jar
-        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+        OutputAnalyzer analyzer = jarsigner(
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
                 "-keypass", PASSWORD,
@@ -77,7 +76,7 @@
         checkSigning(analyzer, HAS_EXPIRED_CERT_SIGNING_WARNING);
 
         // verify signed jar
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-keystore", KEYSTORE,
@@ -87,7 +86,7 @@
 
         checkVerifying(analyzer, 0, HAS_EXPIRED_CERT_VERIFYING_WARNING);
 
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-strict",
                 "-keystore", KEYSTORE,
--- a/test/sun/security/tools/jarsigner/warnings/HasExpiringCertTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/HasExpiringCertTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -22,7 +22,6 @@
  */
 
 import jdk.testlibrary.OutputAnalyzer;
-import jdk.testlibrary.ProcessTools;
 import jdk.testlibrary.JarUtils;
 
 /**
@@ -52,7 +51,7 @@
         JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
 
         // create key pair for jar signing
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -65,7 +64,7 @@
                 .shouldHaveExitValue(0);
 
         // sign jar
-        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+        OutputAnalyzer analyzer = jarsigner(
                 "-keystore", KEYSTORE,
                 "-verbose",
                 "-storepass", PASSWORD,
@@ -77,7 +76,7 @@
         checkSigning(analyzer, HAS_EXPIRING_CERT_SIGNING_WARNING);
 
         // verify signed jar
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-keystore", KEYSTORE,
@@ -89,7 +88,7 @@
         checkVerifying(analyzer, 0, HAS_EXPIRING_CERT_VERIFYING_WARNING);
 
         // verify signed jar in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-strict",
--- a/test/sun/security/tools/jarsigner/warnings/HasUnsignedEntryTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/HasUnsignedEntryTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -22,7 +22,6 @@
  */
 
 import jdk.testlibrary.OutputAnalyzer;
-import jdk.testlibrary.ProcessTools;
 import jdk.testlibrary.JarUtils;
 
 /**
@@ -51,7 +50,7 @@
         JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
 
         // create key pair for signing
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -63,7 +62,7 @@
                 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
 
         // sign jar
-        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+        OutputAnalyzer analyzer = jarsigner(
                 "-verbose",
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
@@ -82,7 +81,7 @@
         JarUtils.updateJar(SIGNED_JARFILE, UPDATED_SIGNED_JARFILE, SECOND_FILE);
 
         // verify jar
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-keystore", KEYSTORE,
@@ -93,7 +92,7 @@
         checkVerifying(analyzer, 0, HAS_UNSIGNED_ENTRY_VERIFYING_WARNING);
 
         // verify jar in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-strict",
--- a/test/sun/security/tools/jarsigner/warnings/MultipleWarningsTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/MultipleWarningsTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -22,7 +22,6 @@
  */
 
 import jdk.testlibrary.OutputAnalyzer;
-import jdk.testlibrary.ProcessTools;
 import jdk.testlibrary.JarUtils;
 
 /**
@@ -56,7 +55,7 @@
 
         // create first expired certificate
         // whose ExtendedKeyUsage extension does not allow code signing
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", FIRST_KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -71,7 +70,7 @@
 
         // create second expired certificate
         // whose KeyUsage extension does not allow code signing
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", SECOND_KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -85,7 +84,7 @@
                 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
 
         // sign jar with first key
-        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+        OutputAnalyzer analyzer = jarsigner(
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
                 "-keypass", PASSWORD,
@@ -100,7 +99,7 @@
         JarUtils.updateJar(SIGNED_JARFILE, UPDATED_SIGNED_JARFILE, SECOND_FILE);
 
         // verify jar with second key
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
@@ -114,7 +113,7 @@
                 NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
 
         // verify jar with second key in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-strict",
                 "-keystore", KEYSTORE,
@@ -134,7 +133,7 @@
                 NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
 
         // verify jar with non-exisiting alias
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
@@ -148,7 +147,7 @@
                 NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
 
         // verify jar with non-exisiting alias in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-strict",
                 "-keystore", KEYSTORE,
--- a/test/sun/security/tools/jarsigner/warnings/NoTimestampTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/NoTimestampTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -23,7 +23,6 @@
 
 import java.util.Date;
 import jdk.testlibrary.OutputAnalyzer;
-import jdk.testlibrary.ProcessTools;
 import jdk.testlibrary.JarUtils;
 
 /**
@@ -57,7 +56,7 @@
                 * 24 * 60 * 60 * 1000L);
 
         // create key pair
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -69,7 +68,7 @@
                 "-validity", Integer.toString(VALIDITY));
 
         // sign jar file
-        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+        OutputAnalyzer analyzer = jarsigner(
                 "-J-Duser.timezone=" + timezone,
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
@@ -83,7 +82,7 @@
         checkSigning(analyzer, warning);
 
         // verify signed jar
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-J-Duser.timezone=" + timezone,
                 "-verify",
                 "-keystore", KEYSTORE,
@@ -96,7 +95,7 @@
         checkVerifying(analyzer, 0, warning);
 
         // verify signed jar in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-J-Duser.timezone=" + timezone,
                 "-verify",
                 "-strict",
--- a/test/sun/security/tools/jarsigner/warnings/NotSignedByAliasTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/NotSignedByAliasTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -22,7 +22,6 @@
  */
 
 import jdk.testlibrary.OutputAnalyzer;
-import jdk.testlibrary.ProcessTools;
 import jdk.testlibrary.JarUtils;
 
 /**
@@ -50,7 +49,7 @@
         JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
 
         // create first key pair for signing
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", FIRST_KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -62,7 +61,7 @@
                 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
 
         // create first key pair for signing
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", SECOND_KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -74,7 +73,7 @@
                 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
 
         // sign jar with first key
-        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+        OutputAnalyzer analyzer = jarsigner(
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
                 "-keypass", PASSWORD,
@@ -85,7 +84,7 @@
         checkSigning(analyzer);
 
         // verify jar with second key
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
@@ -96,7 +95,7 @@
         checkVerifying(analyzer, 0, NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
 
         // verify jar with second key in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-strict",
                 "-keystore", KEYSTORE,
@@ -109,7 +108,7 @@
                 NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
 
         // verify jar with non-existing alias
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
@@ -120,7 +119,7 @@
         checkVerifying(analyzer, 0, NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
 
         // verify jar with non-existing alias in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-strict",
                 "-keystore", KEYSTORE,
--- a/test/sun/security/tools/jarsigner/warnings/NotYetValidCertTest.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/NotYetValidCertTest.java	Thu Aug 11 13:10:54 2016 +0800
@@ -22,7 +22,6 @@
  */
 
 import jdk.testlibrary.OutputAnalyzer;
-import jdk.testlibrary.ProcessTools;
 import jdk.testlibrary.JarUtils;
 
 /**
@@ -50,7 +49,7 @@
         JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
 
         // create certificate that will be valid only tomorrow
-        ProcessTools.executeCommand(KEYTOOL,
+        keytool(
                 "-genkey",
                 "-alias", KEY_ALIAS,
                 "-keyalg", KEY_ALG,
@@ -63,7 +62,7 @@
                 "-validity", Integer.toString(VALIDITY));
 
         // sign jar
-        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
+        OutputAnalyzer analyzer = jarsigner(
                 "-keystore", KEYSTORE,
                 "-storepass", PASSWORD,
                 "-keypass", PASSWORD,
@@ -74,7 +73,7 @@
         checkSigning(analyzer, NOT_YET_VALID_CERT_SIGNING_WARNING);
 
         // verify signed jar
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-keystore", KEYSTORE,
@@ -86,7 +85,7 @@
         checkVerifying(analyzer, 0, NOT_YET_VALID_CERT_VERIFYING_WARNING);
 
         // verify jar in strict mode
-        analyzer = ProcessTools.executeCommand(JARSIGNER,
+        analyzer = jarsigner(
                 "-verify",
                 "-verbose",
                 "-strict",
--- a/test/sun/security/tools/jarsigner/warnings/Test.java	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/warnings/Test.java	Thu Aug 11 13:10:54 2016 +0800
@@ -22,6 +22,11 @@
  */
 
 import jdk.testlibrary.OutputAnalyzer;
+import jdk.testlibrary.ProcessTools;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
 
 /**
  * Base class.
@@ -175,4 +180,21 @@
         }
         analyzer.shouldContain(JAR_SIGNED);
     }
+
+    protected OutputAnalyzer keytool(String... cmd) throws Throwable {
+        return tool(KEYTOOL, cmd);
+    }
+
+    protected OutputAnalyzer jarsigner(String... cmd) throws Throwable {
+        return tool(JARSIGNER, cmd);
+    }
+
+    private OutputAnalyzer tool(String tool, String... args) throws Throwable {
+        List<String> cmd = new ArrayList<>();
+        cmd.add(tool);
+        cmd.add("-J-Duser.language=en");
+        cmd.add("-J-Duser.country=US");
+        cmd.addAll(Arrays.asList(args));
+        return ProcessTools.executeCommand(cmd.toArray(new String[cmd.size()]));
+    }
 }
--- a/test/sun/security/tools/jarsigner/weaksize.sh	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/jarsigner/weaksize.sh	Thu Aug 11 13:10:54 2016 +0800
@@ -31,6 +31,8 @@
   TESTJAVA=`dirname $JAVAC_CMD`/..
 fi
 
+TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
+
 # The sigalg used is MD2withRSA, which is obsolete.
 
 KT="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS} -keystore ks
--- a/test/sun/security/tools/keytool/default_options.sh	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/keytool/default_options.sh	Thu Aug 11 13:10:54 2016 +0800
@@ -31,6 +31,8 @@
   TESTJAVA=`dirname $JAVAC_CMD`/..
 fi
 
+TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
+
 KS=ks
 KEYTOOL="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS}"
 
--- a/test/sun/security/tools/keytool/file-in-help.sh	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/keytool/file-in-help.sh	Thu Aug 11 13:10:54 2016 +0800
@@ -42,7 +42,8 @@
     ;;
 esac
 
-LANG=C
+TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
+
 $TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -printcertreq -help 2> h1 || exit 1
 $TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -exportcert -help 2> h2 || exit 2
 
--- a/test/sun/security/tools/keytool/keyalg.sh	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/keytool/keyalg.sh	Thu Aug 11 13:10:54 2016 +0800
@@ -31,6 +31,8 @@
   TESTJAVA=`dirname $JAVAC_CMD`/..
 fi
 
+TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
+
 KS=ks
 KEYTOOL="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS} -keystore ks -storepass changeit -keypass changeit"
 
--- a/test/sun/security/tools/keytool/newhelp.sh	Wed Aug 10 15:51:25 2016 -0700
+++ b/test/sun/security/tools/keytool/newhelp.sh	Thu Aug 11 13:10:54 2016 +0800
@@ -42,7 +42,8 @@
     ;;
 esac
 
-LANG=C
+TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
+
 $TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -help 2> h1 || exit 1
 $TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -help -list 2> h2 || exit 2