changeset 52948:a6ede2dabe20

8214179: Add groupname info into keytool -list and -genkeypair output Reviewed-by: mullan
author weijun
date Sat, 01 Dec 2018 21:58:05 +0800
parents 290b04fd1846
children bc1fadfd2396
files src/java.base/share/classes/sun/security/tools/keytool/Main.java test/jdk/sun/security/tools/keytool/DeprecateKeyalg.java test/jdk/sun/security/tools/keytool/GroupName.java
diffstat 3 files changed, 41 insertions(+), 15 deletions(-) [+]
line wrap: on
line diff
--- a/src/java.base/share/classes/sun/security/tools/keytool/Main.java	Fri Nov 30 23:46:20 2018 -0800
+++ b/src/java.base/share/classes/sun/security/tools/keytool/Main.java	Sat Dec 01 21:58:05 2018 +0800
@@ -51,6 +51,8 @@
 import java.security.cert.URICertStoreParameters;
 
 
+import java.security.interfaces.ECKey;
+import java.security.spec.ECParameterSpec;
 import java.text.Collator;
 import java.text.MessageFormat;
 import java.util.*;
@@ -70,6 +72,7 @@
 
 import sun.security.util.ECKeySizeParameterSpec;
 import sun.security.util.KeyUtil;
+import sun.security.util.NamedCurve;
 import sun.security.util.ObjectIdentifier;
 import sun.security.pkcs10.PKCS10;
 import sun.security.pkcs10.PKCS10Attribute;
@@ -1882,11 +1885,12 @@
 
         MessageFormat form = new MessageFormat(rb.getString
             ("Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for"));
-        Object[] source = {keysize,
-                            privKey.getAlgorithm(),
-                            chain[0].getSigAlgName(),
-                            validity,
-                            x500Name};
+        Object[] source = {
+                groupName == null ? keysize : KeyUtil.getKeySize(privKey),
+                fullDisplayAlgName(privKey),
+                chain[0].getSigAlgName(),
+                validity,
+                x500Name};
         System.err.println(form.format(source));
 
         if (keyPass == null) {
@@ -3266,19 +3270,28 @@
         }
     }
 
-    private String withWeak(PublicKey key) {
+    private String fullDisplayAlgName(Key key) {
+        String result = key.getAlgorithm();
+        if (key instanceof ECKey) {
+            ECParameterSpec paramSpec = ((ECKey) key).getParams();
+            if (paramSpec instanceof NamedCurve) {
+                result += " (" + paramSpec.toString().split(" ")[0] + ")";
+            }
+        }
+        return result;
+    }
+
+    private String withWeak(Key key) {
+        int kLen = KeyUtil.getKeySize(key);
+        String displayAlg = fullDisplayAlgName(key);
         if (DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, key)) {
-            int kLen = KeyUtil.getKeySize(key);
             if (kLen >= 0) {
-                return String.format(rb.getString("key.bit"),
-                        kLen, key.getAlgorithm());
+                return String.format(rb.getString("key.bit"), kLen, displayAlg);
             } else {
-                return String.format(
-                        rb.getString("unknown.size.1"), key.getAlgorithm());
+                return String.format(rb.getString("unknown.size.1"), displayAlg);
             }
         } else {
-            return String.format(rb.getString("key.bit.weak"),
-                    KeyUtil.getKeySize(key), key.getAlgorithm());
+            return String.format(rb.getString("key.bit.weak"), kLen, displayAlg);
         }
     }
 
--- a/test/jdk/sun/security/tools/keytool/DeprecateKeyalg.java	Fri Nov 30 23:46:20 2018 -0800
+++ b/test/jdk/sun/security/tools/keytool/DeprecateKeyalg.java	Sat Dec 01 21:58:05 2018 +0800
@@ -26,7 +26,7 @@
 
 /**
  * @test
- * @bug 8212003
+ * @bug 8212003 8214179
  * @summary Deprecating the default keytool -keyalg option
  * @library /test/lib
  */
@@ -55,6 +55,15 @@
                 .shouldContain("Generated")
                 .shouldContain("default key algorithm (DES)")
                 .shouldContain("-keyalg option must be specified");
+
+        kt("-genkeypair -alias e -dname CN=e -keyalg EC -groupname brainpoolP256r1")
+                .shouldContain("Generating 256 bit EC (brainpoolP256r1) key pair");
+
+        kt("-genkeypair -alias f -dname CN=f -keyalg EC")
+                .shouldContain("Generating 256 bit EC (secp256r1) key pair");
+
+        kt("-genkeypair -alias g -dname CN=g -keyalg EC -keysize 384")
+                .shouldContain("Generating 384 bit EC (secp384r1) key pair");
     }
 
     private static OutputAnalyzer kt(String cmd) throws Throwable {
--- a/test/jdk/sun/security/tools/keytool/GroupName.java	Fri Nov 30 23:46:20 2018 -0800
+++ b/test/jdk/sun/security/tools/keytool/GroupName.java	Sat Dec 01 21:58:05 2018 +0800
@@ -31,7 +31,7 @@
 
 /**
  * @test
- * @bug 8213400
+ * @bug 8213400 8214179
  * @summary Support choosing group name in keytool keypair generation
  * @library /test/lib
  */
@@ -69,6 +69,10 @@
                 .shouldHaveExitValue(0)
                 .shouldNotContain("Specifying -keysize for generating EC keys is deprecated");
         checkCurveName("f", "brainpoolP256r1");
+
+        kt("-list -v")
+                .shouldHaveExitValue(0)
+                .shouldContain("Subject Public Key Algorithm: 256-bit EC (secp256r1) key");
     }
 
     private static void checkCurveName(String a, String name)