0N/A<html>
0N/A<body>
0N/A
0N/A<applet width=100 height=100 code=i18n.class>
0N/A</applet>
0N/A
0N/AThis is a multi-stage test. Click on "done" when you have completed
0N/Areading these instructions. For each instruction, make sure the output
0N/Afrom keytool is correct (you can read everything in english fine).
0N/A
0N/A<ol>
0N/A<li> rm ~/.keystore
0N/A If you are on a Windows platform, delete the .keystore file in
0N/A your home directory.
0N/A<li> keytool -help
0N/A<li> keytool -genkey -v -keysize 512
0N/A Enter "a" for the keystore password. Check error (password too short).
0N/A Enter "password" for the keystore password.
0N/A Re-enter "password" to confirm.
0N/A Hit 'return' for "first and last name", "organizational unit",
0N/A "organization", "City", "State", and "Country Code".
0N/A Type "yes" when they ask you if everything is correct.
0N/A Type 'return' for new key password.
0N/A<li> keytool -list -v -storepass password
0N/A<li> keytool -list -v
0N/A Type "a" for the keystore password.
0N/A Check error (wrong keystore password).
0N/A<li> keytool -genkey -v -keysize 512
0N/A Enter "password" as the password.
0N/A Check error (alias 'mykey' already exists).
0N/A<li> keytool -genkey -v -keysize 512 -alias mykey2 -storepass password
0N/A Hit 'return' for "first and last name", "organizational unit",
0N/A "organization", "City", "State", and "Country Code".
0N/A Type "yes" when they ask you if everything is correct.
0N/A Type 'return' for new key password.
0N/A<li> keytool -list -v
0N/A Type 'password' for the store password.
0N/A<li> keytool -keypasswd -v -alias mykey2 -storepass password
0N/A Type "a" for the new key password.
0N/A Type "aaaaaa" for the new key password.
0N/A Type "bbbbbb" when re-entering the new key password.
0N/A Type "a" for the new key password.
0N/A Check Error (too many failures).
0N/A<li> keytool -keypasswd -v -alias mykey2 -storepass password
0N/A Type "aaaaaa" for the new key password.
0N/A Type "aaaaaa" when re-entering the new key password.
0N/A<li> keytool -selfcert -v -alias mykey -storepass password
0N/A<li> keytool -list -v -storepass password
0N/A<li> keytool -export -v -alias mykey -file /tmp/cert -storepass password
0N/A<li> keytool -import -v -file /tmp/cert -storepass password
0N/A Check error (Certificate reply and cert are the same)
0N/A<li> keytool -printcert -file /tmp/cert
0N/A<li> keytool -list -storepass password -provider sun.security.provider.Sun
0N/A</ol>
0N/A
0N/AError tests
0N/A
0N/A<ol>
0N/A<li> keytool -storepasswd -storepass password -new abc
0N/A Check error (password too short)
0N/A<!--li> keytool -list -storetype PKCS11
0N/A Check error (-keystore must be NONE)-->
0N/A<li> keytool -storepasswd -storetype PKCS11 -keystore NONE
0N/A Check error (unsupported operation)
0N/A<li> keytool -keypasswd -storetype PKCS11 -keystore NONE
0N/A Check error (unsupported operation)
0N/A<li> keytool -list -protected -storepass password
0N/A Check error (password can not be specified with -protected)
0N/A<li> keytool -keypasswd -protected -keypass password
0N/A Check error (password can not be specified with -protected)
0N/A<li> keytool -keypasswd -protected -new password
0N/A Check error (password can not be specified with -protected)
0N/A</ol>
0N/A
0N/AMSCAPI tests (Only run on Windows)
0N/A
0N/A<ol>
0N/A <li>keytool -storetype Windows-MY -list
0N/A should list entries (may be 0) without asking for password
0N/A should not show ****** WARNING WARNING WARNING ****** lines
0N/A <li>keytool -storetype Windows-MY -list -keystore NONE
0N/A should list entries without asking for password
0N/A <li>keytool -storetype Windows-MY -list -keystore other
0N/A Error: storetype must be NONE
0N/A <li>keytool -storetype Windows-MY -list -storepass changeit
0N/A Error: storepass cannot be specfied
0N/A <li>keytool -storetype Windows-MY -list -storepasswd
0N/A Error: storepasswd not supported
0N/A</ol>
0N/A
0N/APKCS#11 tests
0N/A
0N/A<ol>
0N/A<li> sccs edit cert8.db key3.db
0N/A
0N/A<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -providerClass sun.security.pkcs11.SunPKCS11 -providerArg p11-nss.txt -genkey -alias genkey -dname cn=genkey -keysize 512 -keyalg rsa
0N/A<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -providerClass sun.security.pkcs11.SunPKCS11 -providerArg p11-nss.txt -list
0N/A<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -providerClass sun.security.pkcs11.SunPKCS11 -providerArg p11-nss.txt -list -alias genkey
0N/A<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -providerClass sun.security.pkcs11.SunPKCS11 -providerArg p11-nss.txt -certreq -alias genkey -file genkey.certreq
0N/A<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -providerClass sun.security.pkcs11.SunPKCS11 -providerArg p11-nss.txt -export -alias genkey -file genkey.cert
0N/A<li> keytool -printcert -file genkey.cert
0N/A<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -providerClass sun.security.pkcs11.SunPKCS11 -providerArg p11-nss.txt -selfcert -alias genkey -dname cn=selfCert
0N/A
0N/A<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -providerClass sun.security.pkcs11.SunPKCS11 -providerArg p11-nss.txt -list -alias genkey -v
0N/A(check that cert subject DN is [cn=selfCert])
0N/A
0N/A<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -providerClass sun.security.pkcs11.SunPKCS11 -providerArg p11-nss.txt -delete -alias genkey
0N/A<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -providerClass sun.security.pkcs11.SunPKCS11 -providerArg p11-nss.txt -list
0N/A(check for empty database listing)
0N/A
0N/A<li> sccs unedit cert8.db key3.db
0N/A
0N/A</ol>
0N/A
0N/AIf all the output (english) is correct, then the test passed.
0N/AOtherwise, the test failed.
0N/A
0N/APress "Pass" if ... press "Fail" otherwise.
0N/A
0N/A</body>
0N/A</html>