1 /* 2 * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.tools.jarsigner; 27 28 /** 29 * <p> This class represents the <code>ResourceBundle</code> 30 * for JarSigner. 31 * 32 */ 33 public class Resources extends java.util.ListResourceBundle { 34 35 private static final Object[][] contents = { 36 37 // shared (from jarsigner) 38 {"SPACE", " "}, 39 {"2SPACE", " "}, 40 {"6SPACE", " "}, 41 {"COMMA", ", "}, 42 43 {"provName.not.a.provider", "{0} not a provider"}, 44 {"signerClass.is.not.a.signing.mechanism", "{0} is not a signing mechanism"}, 45 {"jarsigner.error.", "jarsigner error: "}, 46 {"Illegal.option.", "Illegal option: "}, 47 {".keystore.must.be.NONE.if.storetype.is.{0}", 48 "-keystore must be NONE if -storetype is {0}"}, 49 {".keypass.can.not.be.specified.if.storetype.is.{0}", 50 "-keypass can not be specified if -storetype is {0}"}, 51 {"If.protected.is.specified.then.storepass.and.keypass.must.not.be.specified", 52 "If -protected is specified, then -storepass and -keypass must not be specified"}, 53 {"If.keystore.is.not.password.protected.then.storepass.and.keypass.must.not.be.specified", 54 "If keystore is not password protected, then -storepass and -keypass must not be specified"}, 55 {"Usage.jarsigner.options.jar.file.alias", 56 "Usage: jarsigner [options] jar-file alias"}, 57 {".jarsigner.verify.options.jar.file.alias.", 58 " jarsigner -verify [options] jar-file [alias...]"}, 59 {".keystore.url.keystore.location", 60 "[-keystore <url>] keystore location"}, 61 {".storepass.password.password.for.keystore.integrity", 62 "[-storepass <password>] password for keystore integrity"}, 63 {".storetype.type.keystore.type", 64 "[-storetype <type>] keystore type"}, 65 {".keypass.password.password.for.private.key.if.different.", 66 "[-keypass <password>] password for private key (if different)"}, 67 {".certchain.file.name.of.alternative.certchain.file", 68 "[-certchain <file>] name of alternative certchain file"}, 69 {".sigfile.file.name.of.SF.DSA.file", 70 "[-sigfile <file>] name of .SF/.DSA file"}, 71 {".signedjar.file.name.of.signed.JAR.file", 72 "[-signedjar <file>] name of signed JAR file"}, 73 {".digestalg.algorithm.name.of.digest.algorithm", 74 "[-digestalg <algorithm>] name of digest algorithm"}, 75 {".sigalg.algorithm.name.of.signature.algorithm", 76 "[-sigalg <algorithm>] name of signature algorithm"}, 77 {".verify.verify.a.signed.JAR.file", 78 "[-verify] verify a signed JAR file"}, 79 {".verbose.suboptions.verbose.output.when.signing.verifying.", 80 "[-verbose[:suboptions]] verbose output when signing/verifying."}, 81 {".suboptions.can.be.all.grouped.or.summary", 82 " suboptions can be all, grouped or summary"}, 83 {".certs.display.certificates.when.verbose.and.verifying", 84 "[-certs] display certificates when verbose and verifying"}, 85 {".tsa.url.location.of.the.Timestamping.Authority", 86 "[-tsa <url>] location of the Timestamping Authority"}, 87 {".tsacert.alias.public.key.certificate.for.Timestamping.Authority", 88 "[-tsacert <alias>] public key certificate for Timestamping Authority"}, 89 {".tsapolicyid.tsapolicyid.for.Timestamping.Authority", 90 "[-tsapolicyid <oid>] TSAPolicyID for Timestamping Authority"}, 91 {".tsadigestalg.algorithm.of.digest.data.in.timestamping.request", 92 "[-tsadigestalg <algorithm>] algorithm of digest data in timestamping request"}, 93 {".altsigner.class.class.name.of.an.alternative.signing.mechanism", 94 "[-altsigner <class>] class name of an alternative signing mechanism"}, 95 {".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism", 96 "[-altsignerpath <pathlist>] location of an alternative signing mechanism"}, 97 {".internalsf.include.the.SF.file.inside.the.signature.block", 98 "[-internalsf] include the .SF file inside the signature block"}, 99 {".sectionsonly.don.t.compute.hash.of.entire.manifest", 100 "[-sectionsonly] don't compute hash of entire manifest"}, 101 {".protected.keystore.has.protected.authentication.path", 102 "[-protected] keystore has protected authentication path"}, 103 {".providerName.name.provider.name", 104 "[-providerName <name>] provider name"}, 105 {".providerClass.class.name.of.cryptographic.service.provider.s", 106 "[-providerClass <class> name of cryptographic service provider's"}, 107 {".providerArg.arg.master.class.file.and.constructor.argument", 108 " [-providerArg <arg>]] ... master class file and constructor argument"}, 109 {".strict.treat.warnings.as.errors", 110 "[-strict] treat warnings as errors"}, 111 {"Option.lacks.argument", "Option lacks argument"}, 112 {"Please.type.jarsigner.help.for.usage", "Please type jarsigner -help for usage"}, 113 {"Please.specify.jarfile.name", "Please specify jarfile name"}, 114 {"Please.specify.alias.name", "Please specify alias name"}, 115 {"Only.one.alias.can.be.specified", "Only one alias can be specified"}, 116 {"This.jar.contains.signed.entries.which.is.not.signed.by.the.specified.alias.es.", 117 "This jar contains signed entries which are not signed by the specified alias(es)."}, 118 {"This.jar.contains.signed.entries.that.s.not.signed.by.alias.in.this.keystore.", 119 "This jar contains signed entries that are not signed by alias in this keystore."}, 120 {"s", "s"}, 121 {"m", "m"}, 122 {"k", "k"}, 123 {"i", "i"}, 124 {".and.d.more.", "(and %d more)"}, 125 {".s.signature.was.verified.", 126 " s = signature was verified "}, 127 {".m.entry.is.listed.in.manifest", 128 " m = entry is listed in manifest"}, 129 {".k.at.least.one.certificate.was.found.in.keystore", 130 " k = at least one certificate was found in keystore"}, 131 {".i.at.least.one.certificate.was.found.in.identity.scope", 132 " i = at least one certificate was found in identity scope"}, 133 {".X.not.signed.by.specified.alias.es.", 134 " X = not signed by specified alias(es)"}, 135 {"no.manifest.", "no manifest."}, 136 {".Signature.related.entries.","(Signature related entries)"}, 137 {".Unsigned.entries.", "(Unsigned entries)"}, 138 {"jar.is.unsigned", 139 "jar is unsigned."}, 140 {"jar.treated.unsigned", 141 "WARNING: Signature is either not parsable or not verifiable, and the jar will be treated as unsigned. For more information, re-run jarsigner with debug enabled (-J-Djava.security.debug=jar)."}, 142 {"jar.treated.unsigned.see.weak", 143 "The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled.\n\nRe-run jarsigner with the -verbose option for more details."}, 144 {"jar.treated.unsigned.see.weak.verbose", 145 "WARNING: The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled by the security property:"}, 146 {"jar.signed.", "jar signed."}, 147 {"jar.signed.with.signer.errors.", "jar signed, with signer errors."}, 148 {"jar.verified.", "jar verified."}, 149 {"jar.verified.with.signer.errors.", "jar verified, with signer errors."}, 150 151 {"history.with.ts", "- Signed by \"%1$s\"\n Digest algorithm: %2$s\n Signature algorithm: %3$s, %4$s\n Timestamped by \"%6$s\" on %5$tc\n Timestamp digest algorithm: %7$s\n Timestamp signature algorithm: %8$s, %9$s"}, 152 {"history.without.ts", "- Signed by \"%1$s\"\n Digest algorithm: %2$s\n Signature algorithm: %3$s, %4$s"}, 153 {"history.unparsable", "- Unparsable signature-related file %s"}, 154 {"history.nosf", "- Missing signature-related file META-INF/%s.SF"}, 155 {"history.nobk", "- Missing block file for signature-related file META-INF/%s.SF"}, 156 157 {"with.weak", "%s (weak)"}, 158 {"key.bit", "%d-bit key"}, 159 {"key.bit.weak", "%d-bit key (weak)"}, 160 161 {"jarsigner.", "jarsigner: "}, 162 {"signature.filename.must.consist.of.the.following.characters.A.Z.0.9.or.", 163 "signature filename must consist of the following characters: A-Z, 0-9, _ or -"}, 164 {"unable.to.open.jar.file.", "unable to open jar file: "}, 165 {"unable.to.create.", "unable to create: "}, 166 {".adding.", " adding: "}, 167 {".updating.", " updating: "}, 168 {".signing.", " signing: "}, 169 {"attempt.to.rename.signedJarFile.to.jarFile.failed", 170 "attempt to rename {0} to {1} failed"}, 171 {"attempt.to.rename.jarFile.to.origJar.failed", 172 "attempt to rename {0} to {1} failed"}, 173 {"unable.to.sign.jar.", "unable to sign jar: "}, 174 {"Enter.Passphrase.for.keystore.", "Enter Passphrase for keystore: "}, 175 {"keystore.load.", "keystore load: "}, 176 {"certificate.exception.", "certificate exception: "}, 177 {"unable.to.instantiate.keystore.class.", 178 "unable to instantiate keystore class: "}, 179 {"Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and", 180 "Certificate chain not found for: {0}. {1} must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain."}, 181 {"File.specified.by.certchain.does.not.exist", 182 "File specified by -certchain does not exist"}, 183 {"Cannot.restore.certchain.from.file.specified", 184 "Cannot restore certchain from file specified"}, 185 {"Certificate.chain.not.found.in.the.file.specified.", 186 "Certificate chain not found in the file specified."}, 187 {"found.non.X.509.certificate.in.signer.s.chain", 188 "found non-X.509 certificate in signer's chain"}, 189 {"incomplete.certificate.chain", "incomplete certificate chain"}, 190 {"Enter.key.password.for.alias.", "Enter key password for {0}: "}, 191 {"unable.to.recover.key.from.keystore", 192 "unable to recover key from keystore"}, 193 {"key.associated.with.alias.not.a.private.key", 194 "key associated with {0} not a private key"}, 195 {"you.must.enter.key.password", "you must enter key password"}, 196 {"unable.to.read.password.", "unable to read password: "}, 197 {"certificate.is.valid.from", "certificate is valid from {0} to {1}"}, 198 {"certificate.expired.on", "certificate expired on {0}"}, 199 {"certificate.is.not.valid.until", 200 "certificate is not valid until {0}"}, 201 {"certificate.will.expire.on", "certificate will expire on {0}"}, 202 {".Invalid.certificate.chain.", "[Invalid certificate chain: "}, 203 {".Invalid.TSA.certificate.chain.", "[Invalid TSA certificate chain: "}, 204 {"requesting.a.signature.timestamp", 205 "requesting a signature timestamp"}, 206 {"TSA.location.", "TSA location: "}, 207 {"TSA.certificate.", "TSA certificate: "}, 208 {"no.response.from.the.Timestamping.Authority.", 209 "no response from the Timestamping Authority. When connecting" 210 + " from behind a firewall an HTTP or HTTPS proxy may need to" 211 + " be specified. Supply the following options to jarsigner:"}, 212 {"or", "or"}, 213 {"Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the", 214 "Certificate not found for: {0}. {1} must reference a valid KeyStore entry containing an X.509 public key certificate for the Timestamping Authority."}, 215 {"using.an.alternative.signing.mechanism", 216 "using an alternative signing mechanism"}, 217 {"entry.was.signed.on", "entry was signed on {0}"}, 218 {"Warning.", "Warning: "}, 219 {"Error.", "Error: "}, 220 {"...Signer", ">>> Signer"}, 221 {"...TSA", ">>> TSA"}, 222 {"trusted.certificate", "trusted certificate"}, 223 {"This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked.", 224 "This jar contains unsigned entries which have not been integrity-checked. "}, 225 {"This.jar.contains.entries.whose.signer.certificate.has.expired.", 226 "This jar contains entries whose signer certificate has expired. "}, 227 {"This.jar.contains.entries.whose.signer.certificate.will.expire.within.six.months.", 228 "This jar contains entries whose signer certificate will expire within six months. "}, 229 {"This.jar.contains.entries.whose.signer.certificate.is.not.yet.valid.", 230 "This jar contains entries whose signer certificate is not yet valid. "}, 231 {"This.jar.contains.entries.whose.signer.certificate.is.self.signed.", 232 "This jar contains entries whose signer certificate is self-signed."}, 233 {"Re.run.with.the.verbose.option.for.more.details.", 234 "Re-run with the -verbose option for more details."}, 235 {"Re.run.with.the.verbose.and.certs.options.for.more.details.", 236 "Re-run with the -verbose and -certs options for more details."}, 237 {"The.signer.certificate.has.expired.", 238 "The signer certificate has expired."}, 239 {"The.timestamp.expired.1.but.usable.2", 240 "The timestamp expired on %1$tY-%1$tm-%1$td. However, the JAR will be valid until the signer certificate expires on %2$tY-%2$tm-%2$td."}, 241 {"The.timestamp.has.expired.", 242 "The timestamp has expired."}, 243 {"The.signer.certificate.will.expire.within.six.months.", 244 "The signer certificate will expire within six months."}, 245 {"The.timestamp.will.expire.within.one.year.on.1", 246 "The timestamp will expire within one year on %1$tY-%1$tm-%1$td."}, 247 {"The.timestamp.will.expire.within.one.year.on.1.but.2", 248 "The timestamp will expire within one year on %1$tY-%1$tm-%1$td. However, the JAR will be valid until the signer certificate expires on %2$tY-%2$tm-%2$td."}, 249 {"The.signer.certificate.is.not.yet.valid.", 250 "The signer certificate is not yet valid."}, 251 {"The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.", 252 "The signer certificate's KeyUsage extension doesn't allow code signing."}, 253 {"The.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.", 254 "The signer certificate's ExtendedKeyUsage extension doesn't allow code signing."}, 255 {"The.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.", 256 "The signer certificate's NetscapeCertType extension doesn't allow code signing."}, 257 {"This.jar.contains.entries.whose.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.", 258 "This jar contains entries whose signer certificate's KeyUsage extension doesn't allow code signing."}, 259 {"This.jar.contains.entries.whose.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.", 260 "This jar contains entries whose signer certificate's ExtendedKeyUsage extension doesn't allow code signing."}, 261 {"This.jar.contains.entries.whose.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.", 262 "This jar contains entries whose signer certificate's NetscapeCertType extension doesn't allow code signing."}, 263 {".{0}.extension.does.not.support.code.signing.", 264 "[{0} extension does not support code signing]"}, 265 {"The.signer.s.certificate.chain.is.invalid.reason.1", 266 "The signer's certificate chain is invalid. Reason: %s"}, 267 {"The.tsa.certificate.chain.is.invalid.reason.1", 268 "The TSA certificate chain is invalid. Reason: %s"}, 269 {"The.signer.s.certificate.is.self.signed.", 270 "The signer's certificate is self-signed."}, 271 {"The.1.algorithm.specified.for.the.2.option.is.considered.a.security.risk.", 272 "The %1$s algorithm specified for the %2$s option is considered a security risk."}, 273 {"This.jar.contains.entries.whose.certificate.chain.is.invalid.reason.1", 274 "This jar contains entries whose certificate chain is invalid. Reason: %s"}, 275 {"This.jar.contains.entries.whose.tsa.certificate.chain.is.invalid.reason.1", 276 "This jar contains entries whose TSA certificate chain is invalid. Reason: %s"}, 277 {"no.timestamp.signing", 278 "No -tsa or -tsacert is provided and this jar is not timestamped. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (%1$tY-%1$tm-%1$td) or after any future revocation date."}, 279 {"invalid.timestamp.signing", 280 "The timestamp is invalid. Without a valid timestamp, users may not be able to validate this jar after the signer certificate's expiration date (%1$tY-%1$tm-%1$td)."}, 281 {"no.timestamp.verifying", 282 "This jar contains signatures that do not include a timestamp. Without a timestamp, users may not be able to validate this jar after any of the signer certificates expire (as early as %1$tY-%1$tm-%1$td)."}, 283 {"bad.timestamp.verifying", 284 "This jar contains signatures that include an invalid timestamp. Without a valid timestamp, users may not be able to validate this jar after any of the signer certificates expire (as early as %1$tY-%1$tm-%1$td).\nRerun jarsigner with -J-Djava.security.debug=jar for more information."}, 285 {"The.signer.certificate.will.expire.on.1.", 286 "The signer certificate will expire on %1$tY-%1$tm-%1$td."}, 287 {"The.timestamp.will.expire.on.1.", 288 "The timestamp will expire on %1$tY-%1$tm-%1$td."}, 289 {"signer.cert.expired.1.but.timestamp.good.2.", 290 "The signer certificate expired on %1$tY-%1$tm-%1$td. However, the JAR will be valid until the timestamp expires on %2$tY-%2$tm-%2$td."}, 291 {"Unknown.password.type.", "Unknown password type: "}, 292 {"Cannot.find.environment.variable.", 293 "Cannot find environment variable: "}, 294 {"Cannot.find.file.", "Cannot find file: "}, 295 }; 296 297 /** 298 * Returns the contents of this <code>ResourceBundle</code>. 299 * 300 * <p> 301 * 302 * @return the contents of this <code>ResourceBundle</code>. 303 */ 304 @Override 305 public Object[][] getContents() { 306 return contents; 307 } 308 }