Skip to content
Permalink
Browse files
8272163: Add -version option to keytool and jarsigner
Reviewed-by: weijun
  • Loading branch information
Hai-May Chao committed Oct 22, 2021
1 parent 6523c55 commit fec470f262d1df581f2a5fc2f0bdfea66757a8ad
Show file tree
Hide file tree
Showing 6 changed files with 213 additions and 1 deletion.
@@ -262,6 +262,7 @@ enum Command {
ADDPROVIDER, PROVIDERCLASS, PROVIDERPATH, V),
SHOWINFO("showinfo.command.help",
TLS, V),
VERSION("Prints.the.program.version"),

// Undocumented start here, KEYCLONE is used a marker in -help;

@@ -717,7 +718,7 @@ else if (collator.compare(flags, "-v") == 0) {
}

boolean isKeyStoreRelated(Command cmd) {
return cmd != PRINTCERTREQ && cmd != SHOWINFO;
return cmd != PRINTCERTREQ && cmd != SHOWINFO && cmd != VERSION;
}

/**
@@ -1337,6 +1338,8 @@ && isKeyStoreRelated(command)
doPrintCRL(filename, out);
} else if (command == SHOWINFO) {
doShowInfo();
} else if (command == VERSION) {
doPrintVersion();
}

// If we need to save the keystore, do so.
@@ -2794,6 +2797,10 @@ private void doShowInfo() throws Exception {
}
}

private void doPrintVersion() {
System.out.println("keytool " + System.getProperty("java.version"));
}

private Collection<? extends Certificate> generateCertificates(InputStream in)
throws CertificateException, IOException {
byte[] data = in.readAllBytes();
@@ -97,6 +97,7 @@ public class Resources extends java.util.ListResourceBundle {
{"Changes.the.store.password.of.a.keystore",
"Changes the store password of a keystore"}, //-storepasswd
{"showinfo.command.help", "Displays security-related information"},
{"Prints.the.program.version", "Prints the program version"},

// keytool: help: options
{"alias.name.of.the.entry.to.process",
@@ -163,6 +163,7 @@ public static void main(String args[]) throws Exception {
String tSAPolicyID;
String tSADigestAlg;
boolean verify = false; // verify the jar
boolean version = false; // print the program version
String verbose = null; // verbose output when signing/verifying
boolean showcerts = false; // show certs when verifying
boolean debug = false; // debug
@@ -479,6 +480,8 @@ String[] parseArgs(String args[]) throws Exception {
externalSF = false;
} else if (collator.compare(flags, "-verify") ==0) {
verify = true;
} else if (collator.compare(flags, "-version") ==0) {
version = true;
} else if (collator.compare(flags, "-verbose") ==0) {
verbose = (modifier != null) ? modifier : "all";
} else if (collator.compare(flags, "-sigalg") ==0) {
@@ -506,6 +509,14 @@ String[] parseArgs(String args[]) throws Exception {
}
}

/*
* When `-version` is specified but `-help` is not specified, jarsigner
* will only print the program version and ignore other options if any.
*/
if (version) {
doPrintVersion();
}

// -certs must always be specified with -verbose
if (verbose == null) showcerts = false;

@@ -597,11 +608,18 @@ static void usage() {
System.exit(1);
}

static void doPrintVersion() {
System.out.println("jarsigner " + System.getProperty("java.version"));
System.exit(0);
}

static void fullusage() {
System.out.println(rb.getString
("Usage.jarsigner.options.jar.file.alias"));
System.out.println(rb.getString
(".jarsigner.verify.options.jar.file.alias."));
System.out.println(rb.getString
(".jarsigner.version"));
System.out.println();
System.out.println(rb.getString
(".keystore.url.keystore.location"));
@@ -633,6 +651,9 @@ static void fullusage() {
System.out.println(rb.getString
(".verify.verify.a.signed.JAR.file"));
System.out.println();
System.out.println(rb.getString
(".version.print.the.program.version"));
System.out.println();
System.out.println(rb.getString
(".verbose.suboptions.verbose.output.when.signing.verifying."));
System.out.println(rb.getString
@@ -57,6 +57,8 @@ public class Resources extends java.util.ListResourceBundle {
"Usage: jarsigner [options] jar-file alias"},
{".jarsigner.verify.options.jar.file.alias.",
" jarsigner -verify [options] jar-file [alias...]"},
{".jarsigner.version",
" jarsigner -version"},
{".keystore.url.keystore.location",
"[-keystore <url>] keystore location"},
{".storepass.password.password.for.keystore.integrity",
@@ -77,6 +79,8 @@ public class Resources extends java.util.ListResourceBundle {
"[-sigalg <algorithm>] name of signature algorithm"},
{".verify.verify.a.signed.JAR.file",
"[-verify] verify a signed JAR file"},
{".version.print.the.program.version",
"[-version] print the program version"},
{".verbose.suboptions.verbose.output.when.signing.verifying.",
"[-verbose[:suboptions]] verbose output when signing/verifying."},
{".suboptions.can.be.all.grouped.or.summary",
@@ -0,0 +1,107 @@
/*
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/

/*
* @test
* @bug 8272163
* @summary jarsigner -version test
* @library /test/lib
*/

import jdk.test.lib.SecurityTools;
import jdk.test.lib.util.JarUtils;
import java.nio.file.Path;

public class VersionTest {

public static void main(String[] args) throws Exception {
SecurityTools.jarsigner("-version")
.shouldContain("jarsigner")
.shouldHaveExitValue(0);

SecurityTools.jarsigner("-version -erropt")
.shouldContain("Illegal option: -erropt")
.shouldContain("Please type jarsigner --help for usage")
.shouldHaveExitValue(1);

SecurityTools.jarsigner("-verify -erropt")
.shouldContain("Illegal option: -erropt")
.shouldContain("Please type jarsigner --help for usage")
.shouldHaveExitValue(1);

SecurityTools.jarsigner("-version --help")
.shouldContain("Usage: jarsigner [options] jar-file alias")
.shouldContain("[-verify] verify a signed JAR file")
.shouldContain("[-version] print the program version")
.shouldHaveExitValue(0);

SecurityTools.jarsigner("--help -version")
.shouldContain("Usage: jarsigner [options] jar-file alias")
.shouldContain("[-verify] verify a signed JAR file")
.shouldContain("[-version] print the program version")
.shouldHaveExitValue(0);

SecurityTools.jarsigner("-verify --help")
.shouldContain("Usage: jarsigner [options] jar-file alias")
.shouldContain("[-verify] verify a signed JAR file")
.shouldContain("[-version] print the program version")
.shouldHaveExitValue(0);

SecurityTools.jarsigner("--help")
.shouldContain("Usage: jarsigner [options] jar-file alias")
.shouldContain("[-verify] verify a signed JAR file")
.shouldContain("[-version] print the program version")
.shouldHaveExitValue(0);

SecurityTools.jarsigner()
.shouldContain("Usage: jarsigner [options] jar-file alias")
.shouldContain("[-verify] verify a signed JAR file")
.shouldContain("[-version] print the program version")
.shouldHaveExitValue(0);

SecurityTools.keytool("-genkeypair -keystore ks -storepass changeit" +
" -keyalg rsa -dname CN=ee -alias ee")
.shouldHaveExitValue(0);

JarUtils.createJarFile(Path.of("a.jar"), Path.of("."), Path.of("."));

/*
* -version is specified but -help is not specified, jarsigner
* will only print the program version and ignore other options.
*/
SecurityTools.jarsigner("-keystore ks -storepass changeit" +
" -signedjar signeda.jar a.jar ee -version")
.shouldNotContain("jar signed.")
.shouldContain("jarsigner ")
.shouldHaveExitValue(0);

/*
* -version is specified but -help is not specified, jarsigner
* will only print the program version and ignore other options.
*/
SecurityTools.jarsigner("-version -verify a.jar")
.shouldNotContain("jar is unsigned.")
.shouldContain("jarsigner ")
.shouldHaveExitValue(0);
}
}
@@ -0,0 +1,72 @@
/*
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/

/*
* @test
* @bug 8272163
* @summary keytool -version test
* @library /test/lib
*/

import jdk.test.lib.SecurityTools;

public class VersionTest {

public static void main(String[] args) throws Exception {
SecurityTools.keytool("-version")
.shouldContain("keytool")
.shouldHaveExitValue(0);

SecurityTools.keytool("-version -erropt")
.shouldContain("Illegal option: -erropt")
.shouldContain("Prints the program version")
.shouldContain("Use \"keytool -?, -h, or --help\" for this help message")
.shouldHaveExitValue(1);

SecurityTools.keytool("-genkeypair -erropt")
.shouldContain("Illegal option: -erropt")
.shouldContain("Generates a key pair")
.shouldContain("Use \"keytool -?, -h, or --help\" for this help message")
.shouldHaveExitValue(1);

SecurityTools.keytool("-version --help")
.shouldContain("Prints the program version")
.shouldContain("Use \"keytool -?, -h, or --help\" for this help message")
.shouldHaveExitValue(0);

SecurityTools.keytool("--help -version")
.shouldContain("Prints the program version")
.shouldContain("Use \"keytool -?, -h, or --help\" for this help message")
.shouldHaveExitValue(0);

SecurityTools.keytool("-genkeypair --help")
.shouldContain("Generates a key pair")
.shouldContain("Use \"keytool -?, -h, or --help\" for this help message")
.shouldHaveExitValue(0);

SecurityTools.keytool("--help")
.shouldContain("-genkeypair Generates a key pair")
.shouldContain("-version Prints the program version")
.shouldHaveExitValue(0);
}
}

1 comment on commit fec470f

@openjdk-notifier
Copy link

@openjdk-notifier openjdk-notifier bot commented on fec470f Oct 22, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.