--- old/src/java.base/share/classes/sun/security/tools/KeyStoreUtil.java 2016-02-19 21:04:34.000000000 +0800
+++ new/src/java.base/share/classes/sun/security/tools/KeyStoreUtil.java 2016-02-19 21:04:34.000000000 +0800
@@ -38,6 +38,8 @@
import java.security.KeyStore;
+import java.security.Provider;
+import java.security.Security;
import java.security.cert.X509Certificate;
import java.text.Collator;
@@ -46,6 +48,7 @@
import java.util.List;
import java.util.Locale;
import java.util.Properties;
+import java.util.ServiceLoader;
import sun.security.util.PropertyExpander;
@@ -259,4 +262,75 @@
return result.toArray(new String[result.size()]);
}
}
+
+ /**
+ * Loads a security provider in a module with its name.
+ *
+ * @param provName the name
+ * @param arg optional arg
+ * @param debug if true, print some log
+ * @throws IllegalAccessException if a provider cannot be added
+ */
+ public static void loadProviderByName(String provName, String arg, boolean debug) {
+ for (Provider p: ServiceLoader.load(Provider.class)) {
+ if (p.getName().equals(provName)) {
+ if (arg != null) {
+ p = p.configure(arg);
+ }
+ Security.addProvider(p);
+ if (debug) {
+ System.out.println("loadProviderByName: " + p);
+ }
+ return;
+ }
+ }
+ throw new IllegalArgumentException(provName);
+ }
+
+ /**
+ * Loads a security provider with its full-qualified name.
+ *
+ * @param provClass the class name
+ * @param arg optional arg
+ * @param cl optional class loader
+ * @param debug if true, print some log
+ * @throws IllegalAccessException if a provider cannot be added
+ */
+ public static void loadProviderByClass(String provClass, String arg,
+ ClassLoader cl, boolean debug) {
+ Provider prov = null;
+ for (Provider p: ServiceLoader.load(Provider.class)) {
+ // A provider in module can also be use class name
+ if (p.getClass().getName().equals(provClass)) {
+ prov = p;
+ break;
+ }
+ }
+ if (prov == null) {
+ // legacy provider on classpath
+ try {
+ Class<?> clazz;
+ if (cl != null) {
+ clazz = cl.loadClass(provClass);
+ } else {
+ clazz = Class.forName(provClass);
+ }
+ KeyStoreUtil.class.getModule().addReads(clazz.getModule());
+ Object obj = clazz.newInstance();
+ if (!(obj instanceof Provider)) {
+ throw new IllegalArgumentException(provClass);
+ }
+ prov = (Provider) obj;
+ } catch (Exception e) {
+ throw new IllegalArgumentException(provClass, e);
+ }
+ }
+ if (arg != null) {
+ prov = prov.configure(arg);
+ }
+ Security.addProvider(prov);
+ if (debug) {
+ System.out.println("loadProviderByClass: " + prov);
+ }
+ }
}
--- old/src/java.base/share/classes/sun/security/tools/keytool/Main.java 2016-02-19 21:04:35.000000000 +0800
+++ new/src/java.base/share/classes/sun/security/tools/keytool/Main.java 2016-02-19 21:04:35.000000000 +0800
@@ -54,7 +54,6 @@
import java.util.*;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
-import java.lang.reflect.Constructor;
import java.math.BigInteger;
import java.net.URI;
import java.net.URL;
@@ -129,6 +128,7 @@
// them through the command line.
private Set<Pair <String, String>> providers = null;
+ private Set<Pair <String, String>> providerClasses = null;
private String storetype = null;
private boolean hasStoretypeOption = false;
private String srcProviderName = null;
@@ -167,57 +167,57 @@
enum Command {
CERTREQ("Generates.a.certificate.request",
ALIAS, SIGALG, FILEOUT, KEYPASS, KEYSTORE, DNAME,
- STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
- PROVIDERARG, PROVIDERPATH, V, PROTECTED),
+ STOREPASS, STORETYPE, PROVIDERNAME, PROVIDER,
+ PROVIDERCLASS, PROVIDERPATH, V, PROTECTED),
CHANGEALIAS("Changes.an.entry.s.alias",
ALIAS, DESTALIAS, KEYPASS, KEYSTORE, STOREPASS,
- STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
+ STORETYPE, PROVIDERNAME, PROVIDER, PROVIDERCLASS,
PROVIDERPATH, V, PROTECTED),
DELETE("Deletes.an.entry",
ALIAS, KEYSTORE, STOREPASS, STORETYPE,
- PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
+ PROVIDERNAME, PROVIDER, PROVIDERCLASS,
PROVIDERPATH, V, PROTECTED),
EXPORTCERT("Exports.certificate",
RFC, ALIAS, FILEOUT, KEYSTORE, STOREPASS,
- STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
+ STORETYPE, PROVIDERNAME, PROVIDER, PROVIDERCLASS,
PROVIDERPATH, V, PROTECTED),
GENKEYPAIR("Generates.a.key.pair",
ALIAS, KEYALG, KEYSIZE, SIGALG, DESTALIAS, DNAME,
STARTDATE, EXT, VALIDITY, KEYPASS, KEYSTORE,
- STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
- PROVIDERARG, PROVIDERPATH, V, PROTECTED),
+ STOREPASS, STORETYPE, PROVIDERNAME, PROVIDER,
+ PROVIDERCLASS, PROVIDERPATH, V, PROTECTED),
GENSECKEY("Generates.a.secret.key",
ALIAS, KEYPASS, KEYALG, KEYSIZE, KEYSTORE,
- STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
- PROVIDERARG, PROVIDERPATH, V, PROTECTED),
+ STOREPASS, STORETYPE, PROVIDERNAME, PROVIDER,
+ PROVIDERCLASS, PROVIDERPATH, V, PROTECTED),
GENCERT("Generates.certificate.from.a.certificate.request",
RFC, INFILE, OUTFILE, ALIAS, SIGALG, DNAME,
STARTDATE, EXT, VALIDITY, KEYPASS, KEYSTORE,
- STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
- PROVIDERARG, PROVIDERPATH, V, PROTECTED),
+ STOREPASS, STORETYPE, PROVIDERNAME, PROVIDER,
+ PROVIDERCLASS, PROVIDERPATH, V, PROTECTED),
IMPORTCERT("Imports.a.certificate.or.a.certificate.chain",
NOPROMPT, TRUSTCACERTS, PROTECTED, ALIAS, FILEIN,
KEYPASS, KEYSTORE, STOREPASS, STORETYPE,
- PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
+ PROVIDERNAME, PROVIDER, PROVIDERCLASS,
PROVIDERPATH, V),
IMPORTPASS("Imports.a.password",
ALIAS, KEYPASS, KEYALG, KEYSIZE, KEYSTORE,
- STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
- PROVIDERARG, PROVIDERPATH, V, PROTECTED),
+ STOREPASS, STORETYPE, PROVIDERNAME, PROVIDER,
+ PROVIDERCLASS, PROVIDERPATH, V, PROTECTED),
IMPORTKEYSTORE("Imports.one.or.all.entries.from.another.keystore",
SRCKEYSTORE, DESTKEYSTORE, SRCSTORETYPE,
DESTSTORETYPE, SRCSTOREPASS, DESTSTOREPASS,
SRCPROTECTED, SRCPROVIDERNAME, DESTPROVIDERNAME,
SRCALIAS, DESTALIAS, SRCKEYPASS, DESTKEYPASS,
- NOPROMPT, PROVIDERCLASS, PROVIDERARG, PROVIDERPATH,
+ NOPROMPT, PROVIDER, PROVIDERCLASS, PROVIDERPATH,
V),
KEYPASSWD("Changes.the.key.password.of.an.entry",
ALIAS, KEYPASS, NEW, KEYSTORE, STOREPASS,
- STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
+ STORETYPE, PROVIDERNAME, PROVIDER, PROVIDERCLASS,
PROVIDERPATH, V),
LIST("Lists.entries.in.a.keystore",
RFC, ALIAS, KEYSTORE, STOREPASS, STORETYPE,
- PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
+ PROVIDERNAME, PROVIDER, PROVIDERCLASS,
PROVIDERPATH, V, PROTECTED),
PRINTCERT("Prints.the.content.of.a.certificate",
RFC, FILEIN, SSLSERVER, JARFILE, V),
@@ -227,26 +227,26 @@
FILEIN, V),
STOREPASSWD("Changes.the.store.password.of.a.keystore",
NEW, KEYSTORE, STOREPASS, STORETYPE, PROVIDERNAME,
- PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V),
+ PROVIDER, PROVIDERCLASS, PROVIDERPATH, V),
// Undocumented start here, KEYCLONE is used a marker in -help;
KEYCLONE("Clones.a.key.entry",
ALIAS, DESTALIAS, KEYPASS, NEW, STORETYPE,
- KEYSTORE, STOREPASS, PROVIDERNAME, PROVIDERCLASS,
- PROVIDERARG, PROVIDERPATH, V),
+ KEYSTORE, STOREPASS, PROVIDERNAME, PROVIDER,
+ PROVIDERCLASS, PROVIDERPATH, V),
SELFCERT("Generates.a.self.signed.certificate",
ALIAS, SIGALG, DNAME, STARTDATE, VALIDITY, KEYPASS,
STORETYPE, KEYSTORE, STOREPASS, PROVIDERNAME,
- PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V),
+ PROVIDER, PROVIDERCLASS, PROVIDERPATH, V),
GENCRL("Generates.CRL",
RFC, FILEOUT, ID,
ALIAS, SIGALG, EXT, KEYPASS, KEYSTORE,
- STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
- PROVIDERARG, PROVIDERPATH, V, PROTECTED),
+ STOREPASS, STORETYPE, PROVIDERNAME, PROVIDER,
+ PROVIDERCLASS, PROVIDERPATH, V, PROTECTED),
IDENTITYDB("Imports.entries.from.a.JDK.1.1.x.style.identity.database",
FILEIN, STORETYPE, KEYSTORE, STOREPASS, PROVIDERNAME,
- PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V);
+ PROVIDER, PROVIDERCLASS, PROVIDERPATH, V);
final String description;
final Option[] options;
@@ -290,48 +290,48 @@
enum Option {
ALIAS("alias", "<alias>", "alias.name.of.the.entry.to.process"),
- DESTALIAS("destalias", "<destalias>", "destination.alias"),
+ DESTALIAS("destalias", "<alias>", "destination.alias"),
DESTKEYPASS("destkeypass", "<arg>", "destination.key.password"),
- DESTKEYSTORE("destkeystore", "<destkeystore>", "destination.keystore.name"),
+ DESTKEYSTORE("destkeystore", "<keystore>", "destination.keystore.name"),
DESTPROTECTED("destprotected", null, "destination.keystore.password.protected"),
- DESTPROVIDERNAME("destprovidername", "<destprovidername>", "destination.keystore.provider.name"),
+ DESTPROVIDERNAME("destprovidername", "<name>", "destination.keystore.provider.name"),
DESTSTOREPASS("deststorepass", "<arg>", "destination.keystore.password"),
- DESTSTORETYPE("deststoretype", "<deststoretype>", "destination.keystore.type"),
- DNAME("dname", "<dname>", "distinguished.name"),
+ DESTSTORETYPE("deststoretype", "<type>", "destination.keystore.type"),
+ DNAME("dname", "<name>", "distinguished.name"),
EXT("ext", "<value>", "X.509.extension"),
- FILEOUT("file", "<filename>", "output.file.name"),
- FILEIN("file", "<filename>", "input.file.name"),
+ FILEOUT("file", "<file>", "output.file.name"),
+ FILEIN("file", "<file>", "input.file.name"),
ID("id", "<id:reason>", "Serial.ID.of.cert.to.revoke"),
- INFILE("infile", "<filename>", "input.file.name"),
- KEYALG("keyalg", "<keyalg>", "key.algorithm.name"),
+ INFILE("infile", "<file>", "input.file.name"),
+ KEYALG("keyalg", "<alg>", "key.algorithm.name"),
KEYPASS("keypass", "<arg>", "key.password"),
- KEYSIZE("keysize", "<keysize>", "key.bit.size"),
+ KEYSIZE("keysize", "<size>", "key.bit.size"),
KEYSTORE("keystore", "<keystore>", "keystore.name"),
NEW("new", "<arg>", "new.password"),
NOPROMPT("noprompt", null, "do.not.prompt"),
- OUTFILE("outfile", "<filename>", "output.file.name"),
+ OUTFILE("outfile", "<file>", "output.file.name"),
PROTECTED("protected", null, "password.through.protected.mechanism"),
- PROVIDERARG("providerarg", "<arg>", "provider.argument"),
- PROVIDERCLASS("providerclass", "<providerclass>", "provider.class.name"),
- PROVIDERNAME("providername", "<providername>", "provider.name"),
- PROVIDERPATH("providerpath", "<pathlist>", "provider.classpath"),
+ PROVIDERCLASS("providerclass", "<class>\n[-providerarg <arg>]", "provider.class.option"),
+ PROVIDER("provider", "<name>\n[-providerarg <arg>]", "provider.option"),
+ PROVIDERNAME("providername", "<name>", "provider.name"),
+ PROVIDERPATH("providerpath", "<list>", "provider.classpath"),
RFC("rfc", null, "output.in.RFC.style"),
- SIGALG("sigalg", "<sigalg>", "signature.algorithm.name"),
- SRCALIAS("srcalias", "<srcalias>", "source.alias"),
+ SIGALG("sigalg", "<alg>", "signature.algorithm.name"),
+ SRCALIAS("srcalias", "<alias>", "source.alias"),
SRCKEYPASS("srckeypass", "<arg>", "source.key.password"),
- SRCKEYSTORE("srckeystore", "<srckeystore>", "source.keystore.name"),
+ SRCKEYSTORE("srckeystore", "<keystore>", "source.keystore.name"),
SRCPROTECTED("srcprotected", null, "source.keystore.password.protected"),
- SRCPROVIDERNAME("srcprovidername", "<srcprovidername>", "source.keystore.provider.name"),
+ SRCPROVIDERNAME("srcprovidername", "<name>", "source.keystore.provider.name"),
SRCSTOREPASS("srcstorepass", "<arg>", "source.keystore.password"),
- SRCSTORETYPE("srcstoretype", "<srcstoretype>", "source.keystore.type"),
+ SRCSTORETYPE("srcstoretype", "<type>", "source.keystore.type"),
SSLSERVER("sslserver", "<server[:port]>", "SSL.server.host.and.port"),
- JARFILE("jarfile", "<filename>", "signed.jar.file"),
- STARTDATE("startdate", "<startdate>", "certificate.validity.start.date.time"),
+ JARFILE("jarfile", "<file>", "signed.jar.file"),
+ STARTDATE("startdate", "<date>", "certificate.validity.start.date.time"),
STOREPASS("storepass", "<arg>", "keystore.password"),
- STORETYPE("storetype", "<storetype>", "keystore.type"),
+ STORETYPE("storetype", "<type>", "keystore.type"),
TRUSTCACERTS("trustcacerts", null, "trust.certificates.from.cacerts"),
V("v", null, "verbose.output"),
- VALIDITY("validity", "<valDays>", "validity.number.of.days");
+ VALIDITY("validity", "<days>", "validity.number.of.days");
final String name, arg, description;
Option(String name, String arg, String description) {
@@ -550,12 +550,11 @@
jarfile = args[++i];
} else if (collator.compare(flags, "-srckeystore") == 0) {
srcksfname = args[++i];
- } else if ((collator.compare(flags, "-provider") == 0) ||
- (collator.compare(flags, "-providerclass") == 0)) {
+ } else if (collator.compare(flags, "-provider") == 0) {
if (providers == null) {
providers = new HashSet<Pair <String, String>> (3);
}
- String providerClass = args[++i];
+ String provider = args[++i];
String providerArg = null;
if (args.length > (i+1)) {
@@ -567,6 +566,23 @@
}
}
providers.add(
+ Pair.of(provider, providerArg));
+ } else if (collator.compare(flags, "-providerclass") == 0) {
+ if (providerClasses == null) {
+ providerClasses = new HashSet<Pair <String, String>> (3);
+ }
+ String providerClass = args[++i];
+ String providerArg = null;
+
+ if (args.length > (i+1)) {
+ flags = args[i+1];
+ if (collator.compare(flags, "-providerarg") == 0) {
+ if (args.length == (i+2)) errorNeedArgument(flags);
+ providerArg = args[i+2];
+ i += 2;
+ }
+ }
+ providerClasses.add(
Pair.of(providerClass, providerArg));
}
@@ -618,7 +634,6 @@
return cmd != PRINTCERT && cmd != PRINTCERTREQ;
}
-
/**
* Execute the commands.
*/
@@ -702,46 +717,43 @@
(rb.getString("Validity.must.be.greater.than.zero"));
}
- // Try to load and install specified provider
- if (providers != null) {
- ClassLoader cl = null;
- if (pathlist != null) {
- String path = null;
- path = PathList.appendPath(
- path, System.getProperty("java.class.path"));
- path = PathList.appendPath(
- path, System.getProperty("env.class.path"));
- path = PathList.appendPath(path, pathlist);
-
- URL[] urls = PathList.pathToURLs(path);
- cl = new URLClassLoader(urls);
- } else {
- cl = ClassLoader.getSystemClassLoader();
- }
+ try {
+ // Try to load and install specified provider
+ if (providers != null) {
+ for (Pair<String, String> provider : providers) {
+ KeyStoreUtil.loadProviderByName(
+ provider.fst, provider.snd, debug);
+ }
+ }
+ if (providerClasses != null) {
+ ClassLoader cl = null;
+ if (pathlist != null) {
+ String path = null;
+ path = PathList.appendPath(
+ path, System.getProperty("java.class.path"));
+ path = PathList.appendPath(
+ path, System.getProperty("env.class.path"));
+ path = PathList.appendPath(path, pathlist);
- for (Pair <String, String> provider: providers) {
- String provName = provider.fst;
- Class<?> provClass;
- if (cl != null) {
- provClass = cl.loadClass(provName);
+ URL[] urls = PathList.pathToURLs(path);
+ cl = new URLClassLoader(urls);
} else {
- provClass = Class.forName(provName);
+ cl = ClassLoader.getSystemClassLoader();
}
-
- Object obj = provClass.newInstance();
- if (!(obj instanceof Provider)) {
- MessageFormat form = new MessageFormat
- (rb.getString("provName.not.a.provider"));
- Object[] source = {provName};
- throw new Exception(form.format(source));
- }
- Provider p = (Provider) obj;
- String provArg = provider.snd;
- if (provArg != null) {
- p = p.configure(provArg);
+ for (Pair<String, String> provider : providerClasses) {
+ KeyStoreUtil.loadProviderByClass(
+ provider.fst, provider.snd, cl, debug);
}
- Security.addProvider(p);
}
+ } catch (IllegalArgumentException e) {
+ MessageFormat form = new MessageFormat
+ (rb.getString("provName.not.a.provider"));
+ Object[] source = {e.getMessage()};
+ Exception ex = new Exception(form.format(source));
+ if (e.getCause() != null) {
+ ex.initCause(e.getCause());
+ }
+ throw ex;
}
if (command == LIST && verbose && rfc) {
@@ -4132,27 +4144,38 @@
System.err.println(rb.getString("Options."));
System.err.println();
- // Left and right sides of the options list
+ // Left and right sides of the options list. Both might
+ // contain "\n" and span multiple lines
String[] left = new String[command.options.length];
String[] right = new String[command.options.length];
- // Check if there's an unknown option
- boolean found = false;
-
// Length of left side of options list
int lenLeft = 0;
- for (int j=0; j<left.length; j++) {
+
+ for (int j=0; j<command.options.length; j++) {
Option opt = command.options[j];
left[j] = opt.toString();
if (opt.arg != null) left[j] += " " + opt.arg;
- if (left[j].length() > lenLeft) {
- lenLeft = left[j].length();
+ String[] lefts = left[j].split("\n");
+ for (String s: lefts) {
+ if (s.length() > lenLeft) {
+ lenLeft = s.length();
+ }
}
right[j] = rb.getString(opt.description);
}
for (int j=0; j<left.length; j++) {
- System.err.printf(" %-" + lenLeft + "s %s\n",
- left[j], right[j]);
+ String[] lefts = left[j].split("\n");
+ String[] rights = right[j].split("\n");
+ for (int i=0; i<lefts.length && i<rights.length; i++) {
+ String s1 = i < lefts.length? lefts[i]: "";
+ String s2 = i < rights.length? rights[i]: "";
+ if (i == 0) {
+ System.err.printf(" %-" + lenLeft + "s %s\n", s1, s2);
+ } else {
+ System.err.printf(" %-" + lenLeft + "s %s\n", s1, s2);
+ }
+ }
}
System.err.println();
System.err.println(rb.getString(
--- old/src/java.base/share/classes/sun/security/tools/keytool/Resources.java 2016-02-19 21:04:37.000000000 +0800
+++ new/src/java.base/share/classes/sun/security/tools/keytool/Resources.java 2016-02-19 21:04:37.000000000 +0800
@@ -133,10 +133,16 @@
"do not prompt"}, //-noprompt
{"password.through.protected.mechanism",
"password through protected mechanism"}, //-protected
- {"provider.argument",
- "provider argument"}, //-providerarg
- {"provider.class.name",
- "provider class name"}, //-providerclass
+
+ // The following 2 values should span 2 lines, the first for the
+ // option itself, the second for its -providerArg value.
+ {"provider.option",
+ "add security provider by name (e.g. SunPKCS11)\n" +
+ "configure argument for -provider"}, //-provider
+ {"provider.class.option",
+ "add security provider by fully-qualified classname\n" +
+ "configure argument for -providerclass"}, //-providerclass
+
{"provider.name",
"provider name"}, //-providername
{"provider.classpath",
--- old/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java 2016-02-19 21:04:38.000000000 +0800
+++ new/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java 2016-02-19 21:04:37.000000000 +0800
@@ -118,7 +118,8 @@
boolean protectedPath; // protected authentication path
String storetype; // keystore type
String providerName; // provider name
- Vector<String> providers = null; // list of providers
+ List<String> providers = null; // list of provider names
+ List<String> providerClasses = null; // list of provider classes
// arguments for provider constructors
HashMap<String,String> providerArgs = new HashMap<>();
char[] keypass; // private key password
@@ -173,32 +174,29 @@
args = parseArgs(args);
// Try to load and install the specified providers
- if (providers != null) {
- ClassLoader cl = ClassLoader.getSystemClassLoader();
- Enumeration<String> e = providers.elements();
- while (e.hasMoreElements()) {
- String provName = e.nextElement();
- Class<?> provClass;
- if (cl != null) {
- provClass = cl.loadClass(provName);
- } else {
- provClass = Class.forName(provName);
- }
-
- Object obj = provClass.newInstance();
- if (!(obj instanceof Provider)) {
- MessageFormat form = new MessageFormat(rb.getString
- ("provName.not.a.provider"));
- Object[] source = {provName};
- throw new Exception(form.format(source));
- }
- Provider p = (Provider) obj;
- String provArg = providerArgs.get(provName);
- if (provArg != null) {
- p = p.configure(provArg);
- }
- Security.addProvider(p);
+ try {
+ if (providers != null) {
+ for (String provName: providers) {
+ KeyStoreUtil.loadProviderByName(provName,
+ providerArgs.get(provName), debug);
+ }
+ }
+ if (providerClasses != null) {
+ ClassLoader cl = ClassLoader.getSystemClassLoader();
+ for (String provClass: providerClasses) {
+ KeyStoreUtil.loadProviderByClass(provClass,
+ providerArgs.get(provClass), cl, debug);
+ }
+ }
+ } catch (IllegalArgumentException e) {
+ MessageFormat form = new MessageFormat(rb.getString
+ ("provName.not.a.provider"));
+ Object[] source = {e.getMessage()};
+ Exception ex = new Exception(form.format(source));
+ if (e.getCause() != null) {
+ ex.initCause(e.getCause());
}
+ throw ex;
}
if (verify) {
@@ -335,11 +333,10 @@
} else if (collator.compare(flags, "-providerName") ==0) {
if (++n == args.length) usageNoArg();
providerName = args[n];
- } else if ((collator.compare(flags, "-provider") == 0) ||
- (collator.compare(flags, "-providerClass") == 0)) {
+ } else if (collator.compare(flags, "-provider") == 0) {
if (++n == args.length) usageNoArg();
if (providers == null) {
- providers = new Vector<String>(3);
+ providers = new ArrayList<>(3);
}
providers.add(args[n]);
@@ -351,6 +348,21 @@
n += 2;
}
}
+ } else if (collator.compare(flags, "-providerClass") == 0) {
+ if (++n == args.length) usageNoArg();
+ if (providerClasses == null) {
+ providerClasses = new ArrayList<>(3);
+ }
+ providerClasses.add(args[n]);
+
+ if (args.length > (n+1)) {
+ flags = args[n+1];
+ if (collator.compare(flags, "-providerArg") == 0) {
+ if (args.length == (n+2)) usageNoArg();
+ providerArgs.put(args[n], args[n+2]);
+ n += 2;
+ }
+ }
} else if (collator.compare(flags, "-protected") ==0) {
protectedPath = true;
} else if (collator.compare(flags, "-certchain") ==0) {
@@ -584,9 +596,14 @@
(".providerName.name.provider.name"));
System.out.println();
System.out.println(rb.getString
- (".providerClass.class.name.of.cryptographic.service.provider.s"));
+ (".provider.option"));
+ System.out.println(rb.getString
+ (".providerArg.option.1"));
+ System.out.println();
+ System.out.println(rb.getString
+ (".providerClass.option"));
System.out.println(rb.getString
- (".providerArg.arg.master.class.file.and.constructor.argument"));
+ (".providerArg.option.2"));
System.out.println();
System.out.println(rb.getString
(".strict.treat.warnings.as.errors"));
--- old/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Resources.java 2016-02-19 21:04:39.000000000 +0800
+++ new/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Resources.java 2016-02-19 21:04:38.000000000 +0800
@@ -105,10 +105,14 @@
"[-protected] keystore has protected authentication path"},
{".providerName.name.provider.name",
"[-providerName <name>] provider name"},
- {".providerClass.class.name.of.cryptographic.service.provider.s",
- "[-providerClass <class> name of cryptographic service provider's"},
- {".providerArg.arg.master.class.file.and.constructor.argument",
- " [-providerArg <arg>]] ... master class file and constructor argument"},
+ {".provider.option",
+ "[-provider <name> add security provider by name (e.g. SunPKCS11)"},
+ {".providerArg.option.1",
+ " [-providerArg <arg>]] ... configure argument for -provider"},
+ {".providerClass.option",
+ "[-providerClass <class> add security provider by fully-qualified classname"},
+ {".providerArg.option.2",
+ " [-providerArg <arg>]] ... configure argument for -providerClass"},
{".strict.treat.warnings.as.errors",
"[-strict] treat warnings as errors"},
{".conf.url.specify.a.pre.configured.options.file",
--- old/test/ProblemList.jake.txt 2016-02-19 21:04:40.000000000 +0800
+++ new/test/ProblemList.jake.txt 2016-02-19 21:04:39.000000000 +0800
@@ -19,9 +19,6 @@
# 8038079
sun/security/krb5/auto/HttpNegotiateServer.java generic-all
-# 8130302
-sun/security/tools/keytool/autotest.sh generic-all
-
# 8134487
sun/security/ssl/StatusStapling/CertStatusReqExtensionTests.java generic-all
sun/security/ssl/StatusStapling/CertStatusReqItemV2Tests.java generic-all
--- old/test/sun/security/tools/keytool/KeyToolTest.java 2016-02-19 21:04:41.000000000 +0800
+++ new/test/sun/security/tools/keytool/KeyToolTest.java 2016-02-19 21:04:40.000000000 +0800
@@ -1715,9 +1715,9 @@
// 14. keytool -printcert -file cert
testOK("", "-printcert -file cert -keystore x.jks -storetype JKS");
remove("cert");
- // 15. keytool -list -storepass password -provider sun.security.provider.Sun
+ // 15. keytool -list -storepass password -providerClass sun.security.provider.Sun
testOK("", "-list -storepass password" +
- " -provider sun.security.provider.Sun" +
+ " -providerClass sun.security.provider.Sun" +
" -keystore x.jks -storetype JKS");
//Error tests
--- old/test/sun/security/tools/keytool/i18n.html 2016-02-19 21:04:42.000000000 +0800
+++ new/test/sun/security/tools/keytool/i18n.html 2016-02-19 21:04:41.000000000 +0800
@@ -50,7 +50,7 @@
<li> keytool -import -v -file /tmp/cert -storepass password
Check error (Certificate reply and cert are the same)
<li> keytool -printcert -file /tmp/cert
-<li> keytool -list -storepass password -provider sun.security.provider.Sun
+<li> keytool -list -storepass password -providerClass sun.security.provider.Sun
</ol>
Error tests
--- /dev/null 2016-02-19 21:04:43.000000000 +0800
+++ new/test/sun/security/tools/jarsigner/AltProvider.java 2016-02-19 21:04:42.000000000 +0800
@@ -0,0 +1,204 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 4906940 8130302
+ * @summary -providerPath, -providerClass, -provider, and -providerArg
+ * @library /lib/testlibrary /jdk/jigsaw/lib
+ */
+
+import jdk.testlibrary.*;
+
+import java.nio.file.*;
+
+public class AltProvider {
+ private static final String TEST_SRC =
+ Paths.get(System.getProperty("test.src")).toString();
+
+ private static final Path MOD_SRC_DIR = Paths.get(TEST_SRC, "alt");
+ private static final Path MOD_DEST_DIR = Paths.get("mods");
+
+ public static void main(String[] args) throws Throwable {
+
+ CompilerUtils.compile(
+ MOD_SRC_DIR, MOD_DEST_DIR,
+ "-modulesourcepath",
+ MOD_SRC_DIR.toString());
+
+ // Create a keystore
+ keytool("-keystore x.jks -storetype jks",
+ "-genkeypair -storepass changeit -keypass changeit",
+ "-alias x -dname CN=X")
+ .shouldHaveExitValue(0);
+
+ // keytool
+
+ String command = "-keystore x.jks -storepass changeit " +
+ "-storetype dummyks -list -debug";
+
+ // Without new provider
+ keytool(command)
+ .shouldHaveExitValue(1)
+ .shouldContain("DUMMYKS not found");
+
+ // legacy use
+ keytool(command,
+ "-providerPath mods/test.dummy",
+ "-providerClass org.test.dummy.DummyProvider -providerArg full")
+ .shouldHaveExitValue(0)
+ .shouldContain("loadProviderByClass: Dummy version 0.2");
+
+ // legacy, on classpath
+ keytool(command,
+ "-J-cp -Jmods/test.dummy",
+ "-providerClass org.test.dummy.DummyProvider -providerArg full")
+ .shouldHaveExitValue(0)
+ .shouldContain("loadProviderByClass: Dummy version 0.2");
+
+ // without arg
+ keytool(command,
+ "-J-cp -Jmods/test.dummy",
+ "-providerClass org.test.dummy.DummyProvider")
+ .shouldHaveExitValue(1)
+ .shouldContain("DUMMYKS not found");
+
+ // -provider does not work anymore
+ keytool(command,
+ "-J-cp -Jmods/test.dummy",
+ "-provider org.test.dummy.DummyProvider -providerArg full")
+ .shouldHaveExitValue(1)
+ .shouldContain("org.test.dummy.DummyProvider not a provider");
+
+ // class in a module
+ keytool(command,
+ "-J-mp -Jmods",
+ "-providerClass org.test.dummy.DummyProvider -providerArg full")
+ .shouldHaveExitValue(0)
+ .shouldContain("loadProviderByClass: Dummy version 0.2");
+
+ // -provider does not work anymore
+ keytool(command,
+ "-J-mp -Jmods",
+ "-provider org.test.dummy.DummyProvider -providerArg full")
+ .shouldHaveExitValue(1)
+ .shouldContain("org.test.dummy.DummyProvider not a provider");
+
+ // name in a module
+ keytool(command,
+ "-J-mp -Jmods",
+ "-provider Dummy -providerArg full")
+ .shouldHaveExitValue(0)
+ .shouldContain("loadProviderByName: Dummy version 0.2");
+
+ // cannot use a name with -providerclass
+ keytool(command,
+ "-J-mp -Jmods",
+ "-providerClass Dummy -providerArg full")
+ .shouldHaveExitValue(1)
+ .shouldContain("Dummy not a provider");
+
+ // jarsigner
+
+ command = "-keystore x.jks -storepass changeit " +
+ "-storetype dummyks -debug x.jar x";
+
+ // Create a jar file
+ jdk.testlibrary.JarUtils.createJar("x.jar", "x.jks");
+
+ // Tests below are identical to the last 7 tests for keytool.
+
+ // legacy, on classpath
+ jarsigner(command,
+ "-J-cp -Jmods/test.dummy",
+ "-providerClass org.test.dummy.DummyProvider -providerArg full")
+ .shouldHaveExitValue(0)
+ .shouldContain("loadProviderByClass: Dummy version 0.2");
+
+ // without arg
+ jarsigner(command,
+ "-J-cp -Jmods/test.dummy",
+ "-providerClass org.test.dummy.DummyProvider")
+ .shouldHaveExitValue(1)
+ .shouldContain("DUMMYKS not found");
+
+ // -provider does not work anymore
+ jarsigner(command,
+ "-J-cp -Jmods/test.dummy",
+ "-provider org.test.dummy.DummyProvider -providerArg full")
+ .shouldHaveExitValue(1)
+ .shouldContain("org.test.dummy.DummyProvider not a provider");
+
+ // class in a module
+ jarsigner(command,
+ "-J-mp -Jmods",
+ "-providerClass org.test.dummy.DummyProvider -providerArg full")
+ .shouldHaveExitValue(0)
+ .shouldContain("loadProviderByClass: Dummy version 0.2");
+
+ // -provider does not work anymore
+ jarsigner(command,
+ "-J-mp -Jmods",
+ "-provider org.test.dummy.DummyProvider -providerArg full")
+ .shouldHaveExitValue(1)
+ .shouldContain("org.test.dummy.DummyProvider not a provider");
+
+ // name in a module
+ jarsigner(command,
+ "-J-mp -Jmods",
+ "-provider Dummy -providerArg full")
+ .shouldHaveExitValue(0)
+ .shouldContain("loadProviderByName: Dummy version 0.2");
+
+ // cannot use a name with -providerclass
+ jarsigner(command,
+ "-J-mp -Jmods",
+ "-providerClass Dummy -providerArg full")
+ .shouldHaveExitValue(1)
+ .shouldContain("Dummy not a provider");
+ }
+
+ static OutputAnalyzer keytool(String... args) throws Throwable {
+ return tool("keytool", args);
+
+ }
+
+ static OutputAnalyzer jarsigner(String... args) throws Throwable {
+ return tool("jarsigner", args);
+
+ }
+
+ static OutputAnalyzer tool(String tool, String... args) throws Throwable {
+ JDKToolLauncher l = JDKToolLauncher.create(tool);
+ for (String arg: args) {
+ for (String a: arg.split(" ")) {
+ if (a.startsWith("-J")) {
+ l.addVMArg(a.substring(2));
+ } else {
+ l.addToolArg(a);
+ }
+ }
+ }
+ return ProcessTools.executeCommand(l.getCommand());
+ }
+}
--- /dev/null 2016-02-19 21:04:43.000000000 +0800
+++ new/test/sun/security/tools/jarsigner/alt/test.dummy/module-info.java 2016-02-19 21:04:43.000000000 +0800
@@ -0,0 +1,26 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+module test.dummy {
+ provides java.security.Provider with org.test.dummy.DummyProvider;
+}
--- old/test/sun/security/tools/keytool/DummyProvider.java 2016-02-19 21:04:44.000000000 +0800
+++ /dev/null 2016-02-19 21:04:44.000000000 +0800
@@ -1,88 +0,0 @@
-/*
- * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- *
- *
- * @bug 4906490
- * @summary Dummy security service provider.
- * It is cited by the AltProviderPath.sh script.
- */
-package org.test.dummy;
-
-import java.util.*;
-import java.security.*;
-
-public class DummyProvider extends Provider {
- public DummyProvider() {
- super("Dummy", 0.1, "Dummy Provider");
-
- //
- // KeyStore
- //
- put("KeyStore.DummyKS", "sun.security.provider.JavaKeyStore$JKS");
-
- //
- // Signature engines
- //
- put("Signature.SHA1withDSA",
- "sun.security.provider.DSA$SHA1withDSA");
- put("Alg.Alias.Signature.DSA", "SHA1withDSA");
-
- //
- // Key Pair Generator engines
- //
- put("KeyPairGenerator.DSA",
- "sun.security.provider.DSAKeyPairGenerator");
-
- //
- // Digest engines
- //
- put("MessageDigest.SHA", "sun.security.provider.SHA");
- put("Alg.Alias.MessageDigest.SHA1", "SHA");
-
- //
- // Algorithm Parameter Generator engines
- //
- put("AlgorithmParameterGenerator.DSA",
- "sun.security.provider.DSAParameterGenerator");
-
- //
- // Algorithm Parameter engines
- //
- put("AlgorithmParameters.DSA",
- "sun.security.provider.DSAParameters");
-
- //
- // Key factories
- //
- put("KeyFactory.DSA", "sun.security.provider.DSAKeyFactory");
-
- //
- // Certificate factories
- //
- put("CertificateFactory.X.509",
- "sun.security.provider.X509Factory");
- put("Alg.Alias.CertificateFactory.X509", "X.509");
- }
-}
--- /dev/null 2016-02-19 21:04:44.000000000 +0800
+++ new/test/sun/security/tools/jarsigner/alt/test.dummy/org/test/dummy/DummyProvider.java 2016-02-19 21:04:44.000000000 +0800
@@ -0,0 +1,88 @@
+/*
+ * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package org.test.dummy;
+
+import java.security.*;
+
+public class DummyProvider extends Provider {
+ public DummyProvider() {
+ super("Dummy", 0.1, "Dummy Provider with nothing");
+ }
+
+ @Override
+ public Provider configure(String configArg) {
+ return new DummyProvider(configArg);
+ }
+
+ private DummyProvider(String arg) {
+ super("Dummy", 0.2, "Dummy Provider with " + arg);
+ //
+ // KeyStore
+ //
+ put("KeyStore.DummyKS", "sun.security.provider.JavaKeyStore$JKS");
+
+ //
+ // Signature engines
+ //
+ put("Signature.SHA1withDSA",
+ "sun.security.provider.DSA$SHA1withDSA");
+ put("Alg.Alias.Signature.DSA", "SHA1withDSA");
+
+ //
+ // Key Pair Generator engines
+ //
+ put("KeyPairGenerator.DSA",
+ "sun.security.provider.DSAKeyPairGenerator");
+
+ //
+ // Digest engines
+ //
+ put("MessageDigest.SHA", "sun.security.provider.SHA");
+ put("Alg.Alias.MessageDigest.SHA1", "SHA");
+
+ //
+ // Algorithm Parameter Generator engines
+ //
+ put("AlgorithmParameterGenerator.DSA",
+ "sun.security.provider.DSAParameterGenerator");
+
+ //
+ // Algorithm Parameter engines
+ //
+ put("AlgorithmParameters.DSA",
+ "sun.security.provider.DSAParameters");
+
+ //
+ // Key factories
+ //
+ put("KeyFactory.DSA", "sun.security.provider.DSAKeyFactory");
+
+ //
+ // Certificate factories
+ //
+ put("CertificateFactory.X.509",
+ "sun.security.provider.X509Factory");
+ put("Alg.Alias.CertificateFactory.X509", "X.509");
+ }
+}
--- old/test/sun/security/tools/keytool/AltProviderPath.sh 2016-02-19 21:04:45.000000000 +0800
+++ /dev/null 2016-02-19 21:04:45.000000000 +0800
@@ -1,122 +0,0 @@
-#
-# Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
-# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#
-# This code is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License version 2 only, as
-# published by the Free Software Foundation.
-#
-# This code is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# version 2 for more details (a copy is included in the LICENSE file that
-# accompanied this code).
-#
-# You should have received a copy of the GNU General Public License version
-# 2 along with this work; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-# or visit www.oracle.com if you need additional information or have any
-# questions.
-#
-
-# @test
-# @bug 4906940
-# @summary Add -providerPath option for keytool allowing one to specify
-# an additional classpath to search for providers.
-# @author Andrew Fan
-#
-# @run build DummyProvider
-# @run shell AltProviderPath.sh
-# set a few environment variables so that the shell-script can run stand-alone
-# in the source directory
-if [ "${TESTSRC}" = "" ] ; then
- TESTSRC="."
-fi
-if [ "${TESTCLASSES}" = "" ] ; then
- TESTCLASSES="."
-fi
-if [ "${TESTJAVA}" = "" ] ; then
- echo "TESTJAVA not set. Test cannot execute."
- echo "FAILED!!!"
- exit 1
-fi
-
-# set platform-dependent variables
-OS=`uname -s`
-case "$OS" in
- SunOS | Linux | Darwin | AIX )
- NULL=/dev/null
- PS=":"
- FS="/"
- ;;
- CYGWIN* )
- NULL=/dev/null
- PS=";"
- FS="/"
- ;;
- Windows_* )
- NULL=NUL
- PS=";"
- FS="\\"
- ;;
- * )
- echo "Unrecognized operating system!"
- exit 1;
- ;;
-esac
-
-# the test code
-#genkey
-${TESTJAVA}${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -genkey -v -alias dummyTestCA \
- -keyalg "RSA" -keysize 1024 -sigalg "ShA1WithRSA" \
- -dname "cn=Dummy Test CA, ou=JSN, o=JavaSoft, c=US" -validity 3650 \
- -keypass storepass -keystore keystoreCA.dks -storepass storepass \
- -storetype "dummyks" -provider "org.test.dummy.DummyProvider" \
- -providerPath ${TESTCLASSES}
-
-if [ $? -ne 0 ]; then
- exit 1
-fi
-
-#Change keystore password
-${TESTJAVA}${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -storepasswd -new storepass2 \
- -keystore keystoreCA.dks -storetype "dummyks" -storepass storepass \
- -provider "org.test.dummy.DummyProvider" -providerPath ${TESTCLASSES}
-
-if [ $? -ne 0 ]; then
- exit 1
-fi
-
-
-#Change keystore key password
-${TESTJAVA}${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -keypasswd -alias "dummyTestCA" \
- -keypass storepass -new keypass -keystore keystoreCA.dks \
- -storetype "dummyks" -storepass storepass2 \
- -provider "org.test.dummy.DummyProvider" -providerPath ${TESTCLASSES}
-
-if [ $? -ne 0 ]; then
- exit 1
-fi
-
-#Export certificate
-${TESTJAVA}${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -v -export -rfc -alias "dummyTestCA" \
- -file "dummyTestCA.der" -keystore keystoreCA.dks -storetype "dummyks" \
- -storepass storepass2 -provider "org.test.dummy.DummyProvider" \
- -providerPath ${TESTCLASSES}
-
-if [ $? -ne 0 ]; then
- exit 1
-fi
-
-#list keystore
-${TESTJAVA}${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -v -list -keystore keystoreCA.dks \
- -storetype "dummyks" -storepass storepass2 \
- -provider "org.test.dummy.DummyProvider" -providerPath ${TESTCLASSES}
-
-if [ $? -ne 0 ]; then
- exit 1
-fi
-
-exit 0