archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 06:45:07 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8214179: Add groupname info into keytool -list and -genkeypair output

Browse source 
Reviewed-by: mullan
This commit is contained in:
Weijun Wang 2018-12-01 21:58:05 +08:00
parent 97bccb2053
commit 320616a865
3 changed files with 41 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

33
src/java.base/share/classes/sun/security/tools/keytool/Main.java
View file

@ -51,6 +51,8 @@ import java.security.cert.CertificateException;
import java.security.cert.URICertStoreParameters; import java.security.cert.URICertStoreParameters;
import java.security.interfaces.ECKey;
import java.security.spec.ECParameterSpec;
import java.text.Collator; import java.text.Collator;
import java.text.MessageFormat; import java.text.MessageFormat;
import java.util.*; import java.util.*;
@ -70,6 +72,7 @@ import java.util.Base64;
import sun.security.util.ECKeySizeParameterSpec; import sun.security.util.ECKeySizeParameterSpec;
import sun.security.util.KeyUtil; import sun.security.util.KeyUtil;
import sun.security.util.NamedCurve;
import sun.security.util.ObjectIdentifier; import sun.security.util.ObjectIdentifier;
import sun.security.pkcs10.PKCS10; import sun.security.pkcs10.PKCS10;
import sun.security.pkcs10.PKCS10Attribute; import sun.security.pkcs10.PKCS10Attribute;
@ -1882,8 +1885,9 @@ public final class Main {
MessageFormat form = new MessageFormat(rb.getString MessageFormat form = new MessageFormat(rb.getString
("Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for")); ("Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for"));
Object[] source = {keysize, Object[] source = {
privKey.getAlgorithm(), groupName == null ? keysize : KeyUtil.getKeySize(privKey),
fullDisplayAlgName(privKey),
chain[0].getSigAlgName(), chain[0].getSigAlgName(),
validity, validity,
x500Name}; x500Name};
@ -3266,19 +3270,28 @@ public final class Main {
} }
} }
private String withWeak(PublicKey key) { private String fullDisplayAlgName(Key key) {
if (DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, key)) { String result = key.getAlgorithm();
if (key instanceof ECKey) {
ECParameterSpec paramSpec = ((ECKey) key).getParams();
if (paramSpec instanceof NamedCurve) {
result += " (" + paramSpec.toString().split(" ")[0] + ")";
}
}
return result;
}
private String withWeak(Key key) {
int kLen = KeyUtil.getKeySize(key); int kLen = KeyUtil.getKeySize(key);
String displayAlg = fullDisplayAlgName(key);
if (DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, key)) {
if (kLen >= 0) { if (kLen >= 0) {
return String.format(rb.getString("key.bit"), return String.format(rb.getString("key.bit"), kLen, displayAlg);
kLen, key.getAlgorithm());
} else { } else {
return String.format( return String.format(rb.getString("unknown.size.1"), displayAlg);
rb.getString("unknown.size.1"), key.getAlgorithm());
} }
} else { } else {
return String.format(rb.getString("key.bit.weak"), return String.format(rb.getString("key.bit.weak"), kLen, displayAlg);
KeyUtil.getKeySize(key), key.getAlgorithm());
} }
} }

11
test/jdk/sun/security/tools/keytool/DeprecateKeyalg.java
View file

@ -26,7 +26,7 @@ import jdk.test.lib.process.OutputAnalyzer;
/** /**
* @test * @test
* @bug 8212003 * @bug 8212003 8214179
* @summary Deprecating the default keytool -keyalg option * @summary Deprecating the default keytool -keyalg option
* @library /test/lib * @library /test/lib
*/ */
@ -55,6 +55,15 @@ public class DeprecateKeyalg {
.shouldContain("Generated") .shouldContain("Generated")
.shouldContain("default key algorithm (DES)") .shouldContain("default key algorithm (DES)")
.shouldContain("-keyalg option must be specified"); .shouldContain("-keyalg option must be specified");
kt("-genkeypair -alias e -dname CN=e -keyalg EC -groupname brainpoolP256r1")
.shouldContain("Generating 256 bit EC (brainpoolP256r1) key pair");
kt("-genkeypair -alias f -dname CN=f -keyalg EC")
.shouldContain("Generating 256 bit EC (secp256r1) key pair");
kt("-genkeypair -alias g -dname CN=g -keyalg EC -keysize 384")
.shouldContain("Generating 384 bit EC (secp384r1) key pair");
} }
private static OutputAnalyzer kt(String cmd) throws Throwable { private static OutputAnalyzer kt(String cmd) throws Throwable {

6
test/jdk/sun/security/tools/keytool/GroupName.java
View file

@ -31,7 +31,7 @@ import java.security.interfaces.ECKey;
/** /**
* @test * @test
* @bug 8213400 * @bug 8213400 8214179
* @summary Support choosing group name in keytool keypair generation * @summary Support choosing group name in keytool keypair generation
* @library /test/lib * @library /test/lib
*/ */
@ -69,6 +69,10 @@ public class GroupName {
.shouldHaveExitValue(0) .shouldHaveExitValue(0)
.shouldNotContain("Specifying -keysize for generating EC keys is deprecated"); .shouldNotContain("Specifying -keysize for generating EC keys is deprecated");
checkCurveName("f", "brainpoolP256r1"); checkCurveName("f", "brainpoolP256r1");
kt("-list -v")
.shouldHaveExitValue(0)
.shouldContain("Subject Public Key Algorithm: 256-bit EC (secp256r1) key");
} }
private static void checkCurveName(String a, String name) private static void checkCurveName(String a, String name)