1 /*
   2  * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package sun.security.tools.jarsigner;
  27 
  28 /**
  29  * <p> This class represents the <code>ResourceBundle</code>
  30  * for JarSigner.
  31  *
  32  */
  33 public class Resources extends java.util.ListResourceBundle {
  34 
  35     private static final Object[][] contents = {
  36 
  37         // shared (from jarsigner)
  38         {"SPACE", " "},
  39         {"2SPACE", "  "},
  40         {"6SPACE", "      "},
  41         {"COMMA", ", "},
  42 
  43         {"provclass.not.a.provider", "%s not a provider"},
  44         {"provider.name.not.found", "Provider named \"%s\" not found"},
  45         {"provider.class.not.found", "Provider \"%s\" not found"},
  46         {"jarsigner.error.", "jarsigner error: "},
  47         {"Illegal.option.", "Illegal option: "},
  48         {"This.option.is.deprecated", "This option is deprecated: "},
  49         {".keystore.must.be.NONE.if.storetype.is.{0}",
  50                 "-keystore must be NONE if -storetype is {0}"},
  51         {".keypass.can.not.be.specified.if.storetype.is.{0}",
  52                 "-keypass can not be specified if -storetype is {0}"},
  53         {"If.protected.is.specified.then.storepass.and.keypass.must.not.be.specified",
  54                 "If -protected is specified, then -storepass and -keypass must not be specified"},
  55         {"If.keystore.is.not.password.protected.then.storepass.and.keypass.must.not.be.specified",
  56                  "If keystore is not password protected, then -storepass and -keypass must not be specified"},
  57         {"Usage.jarsigner.options.jar.file.alias",
  58                 "Usage: jarsigner [options] jar-file alias"},
  59         {".jarsigner.verify.options.jar.file.alias.",
  60                 "       jarsigner -verify [options] jar-file [alias...]"},
  61         {".keystore.url.keystore.location",
  62                 "[-keystore <url>]           keystore location"},
  63         {".storepass.password.password.for.keystore.integrity",
  64             "[-storepass <password>]     password for keystore integrity"},
  65         {".storetype.type.keystore.type",
  66                 "[-storetype <type>]         keystore type"},
  67         {".keypass.password.password.for.private.key.if.different.",
  68                 "[-keypass <password>]       password for private key (if different)"},
  69         {".certchain.file.name.of.alternative.certchain.file",
  70                 "[-certchain <file>]         name of alternative certchain file"},
  71         {".sigfile.file.name.of.SF.DSA.file",
  72                 "[-sigfile <file>]           name of .SF/.DSA file"},
  73         {".signedjar.file.name.of.signed.JAR.file",
  74                 "[-signedjar <file>]         name of signed JAR file"},
  75         {".digestalg.algorithm.name.of.digest.algorithm",
  76                 "[-digestalg <algorithm>]    name of digest algorithm"},
  77         {".sigalg.algorithm.name.of.signature.algorithm",
  78                 "[-sigalg <algorithm>]       name of signature algorithm"},
  79         {".verify.verify.a.signed.JAR.file",
  80                 "[-verify]                   verify a signed JAR file"},
  81         {".verbose.suboptions.verbose.output.when.signing.verifying.",
  82                 "[-verbose[:suboptions]]     verbose output when signing/verifying."},
  83         {".suboptions.can.be.all.grouped.or.summary",
  84                 "                            suboptions can be all, grouped or summary"},
  85         {".certs.display.certificates.when.verbose.and.verifying",
  86                 "[-certs]                    display certificates when verbose and verifying"},
  87         {".tsa.url.location.of.the.Timestamping.Authority",
  88                 "[-tsa <url>]                location of the Timestamping Authority"},
  89         {".tsacert.alias.public.key.certificate.for.Timestamping.Authority",
  90                 "[-tsacert <alias>]          public key certificate for Timestamping Authority"},
  91         {".tsapolicyid.tsapolicyid.for.Timestamping.Authority",
  92                 "[-tsapolicyid <oid>]        TSAPolicyID for Timestamping Authority"},
  93         {".tsadigestalg.algorithm.of.digest.data.in.timestamping.request",
  94                 "[-tsadigestalg <algorithm>] algorithm of digest data in timestamping request"},
  95         {".altsigner.class.class.name.of.an.alternative.signing.mechanism",
  96                 "[-altsigner <class>]        class name of an alternative signing mechanism\n" +
  97                 "                            (This option has been deprecated.)"},
  98         {".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism",
  99                 "[-altsignerpath <pathlist>] location of an alternative signing mechanism\n" +
 100                 "                            (This option has been deprecated.)"},
 101         {".internalsf.include.the.SF.file.inside.the.signature.block",
 102                 "[-internalsf]               include the .SF file inside the signature block"},
 103         {".sectionsonly.don.t.compute.hash.of.entire.manifest",
 104                 "[-sectionsonly]             don't compute hash of entire manifest"},
 105         {".protected.keystore.has.protected.authentication.path",
 106                 "[-protected]                keystore has protected authentication path"},
 107         {".providerName.name.provider.name",
 108                 "[-providerName <name>]      provider name"},
 109         {".add.provider.option",
 110                 "[-addprovider <name>        add security provider by name (e.g. SunPKCS11)"},
 111         {".providerArg.option.1",
 112                 "  [-providerArg <arg>]] ... configure argument for -addprovider"},
 113         {".providerClass.option",
 114                 "[-providerClass <class>     add security provider by fully-qualified class name"},
 115         {".providerArg.option.2",
 116                 "  [-providerArg <arg>]] ... configure argument for -providerClass"},
 117         {".strict.treat.warnings.as.errors",
 118                 "[-strict]                   treat warnings as errors"},
 119         {".conf.url.specify.a.pre.configured.options.file",
 120                 "[-conf <url>]               specify a pre-configured options file"},
 121         {"Option.lacks.argument", "Option lacks argument"},
 122         {"Please.type.jarsigner.help.for.usage", "Please type jarsigner -help for usage"},
 123         {"Please.specify.jarfile.name", "Please specify jarfile name"},
 124         {"Please.specify.alias.name", "Please specify alias name"},
 125         {"Only.one.alias.can.be.specified", "Only one alias can be specified"},
 126         {"This.jar.contains.signed.entries.which.is.not.signed.by.the.specified.alias.es.",
 127                  "This jar contains signed entries which are not signed by the specified alias(es)."},
 128         {"This.jar.contains.signed.entries.that.s.not.signed.by.alias.in.this.keystore.",
 129                   "This jar contains signed entries that are not signed by alias in this keystore."},
 130         {"s", "s"},
 131         {"m", "m"},
 132         {"k", "k"},
 133         {".and.d.more.", "(and %d more)"},
 134         {".s.signature.was.verified.",
 135                 "  s = signature was verified "},
 136         {".m.entry.is.listed.in.manifest",
 137                 "  m = entry is listed in manifest"},
 138         {".k.at.least.one.certificate.was.found.in.keystore",
 139                 "  k = at least one certificate was found in keystore"},
 140         {".X.not.signed.by.specified.alias.es.",
 141                 "  X = not signed by specified alias(es)"},
 142         {"no.manifest.", "no manifest."},
 143         {".Signature.related.entries.","(Signature related entries)"},
 144         {".Unsigned.entries.", "(Unsigned entries)"},
 145         {"jar.is.unsigned",
 146                 "jar is unsigned."},
 147         {"jar.treated.unsigned",
 148                 "WARNING: Signature is either not parsable or not verifiable, and the jar will be treated as unsigned. For more information, re-run jarsigner with debug enabled (-J-Djava.security.debug=jar)."},
 149         {"jar.treated.unsigned.see.weak",
 150                 "The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled.\n\nRe-run jarsigner with the -verbose option for more details."},
 151         {"jar.treated.unsigned.see.weak.verbose",
 152                 "WARNING: The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled by the security property:"},
 153         {"jar.signed.", "jar signed."},
 154         {"jar.signed.with.signer.errors.", "jar signed, with signer errors."},
 155         {"jar.verified.", "jar verified."},
 156         {"jar.verified.with.signer.errors.", "jar verified, with signer errors."},
 157 
 158         {"history.with.ts", "- Signed by \"%1$s\"\n    Digest algorithm: %2$s\n    Signature algorithm: %3$s, %4$s\n  Timestamped by \"%6$s\" on %5$tc\n    Timestamp digest algorithm: %7$s\n    Timestamp signature algorithm: %8$s, %9$s"},
 159         {"history.without.ts", "- Signed by \"%1$s\"\n    Digest algorithm: %2$s\n    Signature algorithm: %3$s, %4$s"},
 160         {"history.unparsable", "- Unparsable signature-related file %s"},
 161         {"history.nosf", "- Missing signature-related file META-INF/%s.SF"},
 162         {"history.nobk", "- Missing block file for signature-related file META-INF/%s.SF"},
 163 
 164         {"with.weak", "%s (weak)"},
 165         {"key.bit", "%d-bit key"},
 166         {"key.bit.weak", "%d-bit key (weak)"},
 167         {"unknown.size", "unknown size"},
 168 
 169         {"jarsigner.", "jarsigner: "},
 170         {"signature.filename.must.consist.of.the.following.characters.A.Z.0.9.or.",
 171                 "signature filename must consist of the following characters: A-Z, 0-9, _ or -"},
 172         {"unable.to.open.jar.file.", "unable to open jar file: "},
 173         {"unable.to.create.", "unable to create: "},
 174         {".adding.", "   adding: "},
 175         {".updating.", " updating: "},
 176         {".signing.", "  signing: "},
 177         {"attempt.to.rename.signedJarFile.to.jarFile.failed",
 178                 "attempt to rename {0} to {1} failed"},
 179         {"attempt.to.rename.jarFile.to.origJar.failed",
 180                 "attempt to rename {0} to {1} failed"},
 181         {"unable.to.sign.jar.", "unable to sign jar: "},
 182         {"Enter.Passphrase.for.keystore.", "Enter Passphrase for keystore: "},
 183         {"keystore.load.", "keystore load: "},
 184         {"certificate.exception.", "certificate exception: "},
 185         {"unable.to.instantiate.keystore.class.",
 186                 "unable to instantiate keystore class: "},
 187         {"Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and",
 188                 "Certificate chain not found for: {0}.  {1} must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain."},
 189         {"File.specified.by.certchain.does.not.exist",
 190                 "File specified by -certchain does not exist"},
 191         {"Cannot.restore.certchain.from.file.specified",
 192                 "Cannot restore certchain from file specified"},
 193         {"Certificate.chain.not.found.in.the.file.specified.",
 194                 "Certificate chain not found in the file specified."},
 195         {"found.non.X.509.certificate.in.signer.s.chain",
 196                 "found non-X.509 certificate in signer's chain"},
 197         {"incomplete.certificate.chain", "incomplete certificate chain"},
 198         {"Enter.key.password.for.alias.", "Enter key password for {0}: "},
 199         {"unable.to.recover.key.from.keystore",
 200                 "unable to recover key from keystore"},
 201         {"key.associated.with.alias.not.a.private.key",
 202                 "key associated with {0} not a private key"},
 203         {"you.must.enter.key.password", "you must enter key password"},
 204         {"unable.to.read.password.", "unable to read password: "},
 205         {"certificate.is.valid.from", "certificate is valid from {0} to {1}"},
 206         {"certificate.expired.on", "certificate expired on {0}"},
 207         {"certificate.is.not.valid.until",
 208                 "certificate is not valid until {0}"},
 209         {"certificate.will.expire.on", "certificate will expire on {0}"},
 210         {".CertPath.not.validated.", "[CertPath not validated: "},
 211         {"requesting.a.signature.timestamp",
 212                 "requesting a signature timestamp"},
 213         {"TSA.location.", "TSA location: "},
 214         {"TSA.certificate.", "TSA certificate: "},
 215         {"no.response.from.the.Timestamping.Authority.",
 216                 "no response from the Timestamping Authority. When connecting"
 217                 + " from behind a firewall an HTTP or HTTPS proxy may need to"
 218                 + " be specified. Supply the following options to jarsigner:"},
 219         {"or", "or"},
 220         {"Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the",
 221                 "Certificate not found for: {0}.  {1} must reference a valid KeyStore entry containing an X.509 public key certificate for the Timestamping Authority."},
 222         {"using.an.alternative.signing.mechanism",
 223                 "using an alternative signing mechanism"},
 224         {"entry.was.signed.on", "entry was signed on {0}"},
 225         {"Warning.", "Warning: "},
 226         {"Error.", "Error: "},
 227         {"This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked.",
 228                 "This jar contains unsigned entries which have not been integrity-checked. "},
 229         {"This.jar.contains.entries.whose.signer.certificate.has.expired.",
 230                 "This jar contains entries whose signer certificate has expired. "},
 231         {"This.jar.contains.entries.whose.signer.certificate.will.expire.within.six.months.",
 232                 "This jar contains entries whose signer certificate will expire within six months. "},
 233         {"This.jar.contains.entries.whose.signer.certificate.is.not.yet.valid.",
 234                 "This jar contains entries whose signer certificate is not yet valid. "},
 235         {"This.jar.contains.entries.whose.signer.certificate.is.self.signed.",
 236                 "This jar contains entries whose signer certificate is self-signed."},
 237         {"Re.run.with.the.verbose.option.for.more.details.",
 238                 "Re-run with the -verbose option for more details."},
 239         {"Re.run.with.the.verbose.and.certs.options.for.more.details.",
 240                 "Re-run with the -verbose and -certs options for more details."},
 241         {"The.signer.certificate.has.expired.",
 242                 "The signer certificate has expired."},
 243         {"The.signer.certificate.will.expire.within.six.months.",
 244                 "The signer certificate will expire within six months."},
 245         {"The.signer.certificate.is.not.yet.valid.",
 246                 "The signer certificate is not yet valid."},
 247         {"The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
 248                  "The signer certificate's KeyUsage extension doesn't allow code signing."},
 249         {"The.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
 250                  "The signer certificate's ExtendedKeyUsage extension doesn't allow code signing."},
 251         {"The.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
 252                  "The signer certificate's NetscapeCertType extension doesn't allow code signing."},
 253         {"This.jar.contains.entries.whose.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
 254                  "This jar contains entries whose signer certificate's KeyUsage extension doesn't allow code signing."},
 255         {"This.jar.contains.entries.whose.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
 256                  "This jar contains entries whose signer certificate's ExtendedKeyUsage extension doesn't allow code signing."},
 257         {"This.jar.contains.entries.whose.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
 258                  "This jar contains entries whose signer certificate's NetscapeCertType extension doesn't allow code signing."},
 259         {".{0}.extension.does.not.support.code.signing.",
 260                  "[{0} extension does not support code signing]"},
 261         {"The.signer.s.certificate.chain.is.not.validated.reason.1",
 262                 "The signer's certificate chain is not validated. Reason: %s"},
 263         {"The.signer.s.certificate.is.self.signed.",
 264                 "The signer's certificate is self-signed."},
 265         {"The.1.algorithm.specified.for.the.2.option.is.considered.a.security.risk.",
 266                 "The %1$s algorithm specified for the %2$s option is considered a security risk."},
 267         {"The.1.signing.key.has.a.keysize.of.2.which.is.considered.a.security.risk.",
 268                 "The %s signing key has a keysize of %d which is considered a security risk."},
 269         {"This.jar.contains.entries.whose.certificate.chain.is.not.validated.reason.1",
 270                  "This jar contains entries whose certificate chain is not validated. Reason: %s"},
 271         {"no.timestamp.signing",
 272                 "No -tsa or -tsacert is provided and this jar is not timestamped. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (%1$tY-%1$tm-%1$td)."},
 273         {"no.timestamp.verifying",
 274                 "This jar contains signatures that do not include a timestamp. Without a timestamp, users may not be able to validate this jar after any of the signer certificates expire (as early as %1$tY-%1$tm-%1$td)."},
 275         {"Unknown.password.type.", "Unknown password type: "},
 276         {"Cannot.find.environment.variable.",
 277                 "Cannot find environment variable: "},
 278         {"Cannot.find.file.", "Cannot find file: "},
 279     };
 280 
 281     /**
 282      * Returns the contents of this <code>ResourceBundle</code>.
 283      *
 284      * <p>
 285      *
 286      * @return the contents of this <code>ResourceBundle</code>.
 287      */
 288     @Override
 289     public Object[][] getContents() {
 290         return contents;
 291     }
 292 }