jdk Cdiff src/java.base/share/classes/sun/security/tools/keytool/Resources.java

src/java.base/share/classes/sun/security/tools/keytool/Resources.java

rev 16540 : 8171319: keytool should print out warnings when reading or generating cert/cert req using weak algorithms


*** 358,369 ****
          {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
                   "Enter new alias name\t(RETURN to cancel import for this entry):  "},
          {"Enter.alias.name.", "Enter alias name:  "},
          {".RETURN.if.same.as.for.otherAlias.",
                  "\t(RETURN if same as for <{0}>)"},
-         {".PATTERN.printX509Cert",
-                 "Owner: {0}\nIssuer: {1}\nSerial number: {2}\nValid from: {3} until: {4}\nCertificate fingerprints:\n\t SHA1: {5}\n\t SHA256: {6}\nSignature algorithm name: {7}\nSubject Public Key Algorithm: {8} ({9,number,#})\nVersion: {10}"},
          {"What.is.your.first.and.last.name.",
                  "What is your first and last name?"},
          {"What.is.the.name.of.your.organizational.unit.",
                  "What is the name of your organizational unit?"},
          {"What.is.the.name.of.your.organization.",
--- 358,367 ----
*** 426,454 ****
          {"Secret.key.not.generated.alias.alias.already.exists",
                  "Secret Key not generated, alias <{0}> already exists"},
          {"Please.provide.keysize.for.secret.key.generation",
                  "Please provide -keysize for secret key generation"},
  
-         {"verified.by.s.in.s", "Verified by %s in %s"},
          {"warning.not.verified.make.sure.keystore.is.correct",
              "WARNING: not verified. Make sure -keystore is correct."},
  
          {"Extensions.", "Extensions: "},
          {".Empty.value.", "(Empty value)"},
          {"Extension.Request.", "Extension Request:"},
-         {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
-                 "PKCS #10 Certificate Request (Version 1.0)\n" +
-                 "Subject: %s\nPublic Key: %s format %s key\n"},
          {"Unknown.keyUsage.type.", "Unknown keyUsage type: "},
          {"Unknown.extendedkeyUsage.type.", "Unknown extendedkeyUsage type: "},
          {"Unknown.AccessDescription.type.", "Unknown AccessDescription type: "},
          {"Unrecognized.GeneralName.type.", "Unrecognized GeneralName type: "},
          {"This.extension.cannot.be.marked.as.critical.",
                   "This extension cannot be marked as critical. "},
          {"Odd.number.of.hex.digits.found.", "Odd number of hex digits found: "},
          {"Unknown.extension.type.", "Unknown extension type: "},
!         {"command.{0}.is.ambiguous.", "command {0} is ambiguous:"}
      };
  
  
      /**
       * Returns the contents of this <code>ResourceBundle</code>.
--- 424,472 ----
          {"Secret.key.not.generated.alias.alias.already.exists",
                  "Secret Key not generated, alias <{0}> already exists"},
          {"Please.provide.keysize.for.secret.key.generation",
                  "Please provide -keysize for secret key generation"},
  
          {"warning.not.verified.make.sure.keystore.is.correct",
              "WARNING: not verified. Make sure -keystore is correct."},
  
          {"Extensions.", "Extensions: "},
          {".Empty.value.", "(Empty value)"},
          {"Extension.Request.", "Extension Request:"},
          {"Unknown.keyUsage.type.", "Unknown keyUsage type: "},
          {"Unknown.extendedkeyUsage.type.", "Unknown extendedkeyUsage type: "},
          {"Unknown.AccessDescription.type.", "Unknown AccessDescription type: "},
          {"Unrecognized.GeneralName.type.", "Unrecognized GeneralName type: "},
          {"This.extension.cannot.be.marked.as.critical.",
                   "This extension cannot be marked as critical. "},
          {"Odd.number.of.hex.digits.found.", "Odd number of hex digits found: "},
          {"Unknown.extension.type.", "Unknown extension type: "},
!         {"command.{0}.is.ambiguous.", "command {0} is ambiguous:"},
! 
!         // 8171319: keytool should print out warnings when reading or
!         // generating cert/cert req using weak algorithms
!         {"the.input", "The input"},
!         {"the.output", "The output"},
!         {"the.issuer", "The issuer"},
!         {"reply", "Reply"},
!         {"root", "Root"},
!         {"one.in.many", "#%d of %d"},
!         {"label.which", "%s %s"},
!         {"alias.in.cacerts", "<%s> in cacerts"},
!         {"with.weak", "%s (weak)"},
!         {"key.bit", "%d-bit %s key"},
!         {"key.bit.weak", "%d-bit %s key (weak)"},
!         {".PATTERN.printX509Cert.with.weak",
!                 "Owner: {0}\nIssuer: {1}\nSerial number: {2}\nValid from: {3} until: {4}\nCertificate fingerprints:\n\t SHA1: {5}\n\t SHA256: {6}\nSignature algorithm name: {7}\nSubject Public Key Algorithm: {8}\nVersion: {9}"},
!         {"PKCS.10.with.weak",
!                 "PKCS #10 Certificate Request (Version 1.0)\n" +
!                         "Subject: %s\nFormat: %s\nPublic Key: %s\nSignature algorithm: %s\n"},
!         {"verified.by.s.in.s.weak", "Verified by %s in %s with a %s"},
!         {"sigalg.risk", "The %s signature algorithm is considered a security risk."},
!         {"whose.sigalg.risk", "%s's %s signature algorithm is considered a security risk."},
!         {"key.risk", "A %s is considered a security risk."},
!         {"whose.key.risk", "%s's %s is considered a security risk."},
      };
  
  
      /**
       * Returns the contents of this <code>ResourceBundle</code>.

< prev index next >