Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8029659

Keytool, print key algorithm of certificate or key entry

    Details

    • Subcomponent:
    • Resolved In Build:
      b36
    • Verification:
      Verified

      Backports

        Description

        keytool -list and -printcert option cannot show subject public key algorithms of a certificate. Nice to have this feature to make it easier to identify what the subject key algorithm is used.

          Issue Links

            Activity

            Hide
            weijun Weijun Wang added a comment -
            With -v it already shows a field named "Signature algorithm name". Is that enough to derive the algorithm name of private/public keys? Or, if any other info is needed, please give an output example.
            Show
            weijun Weijun Wang added a comment - With -v it already shows a field named "Signature algorithm name". Is that enough to derive the algorithm name of private/public keys? Or, if any other info is needed, please give an output example.
            Hide
            xuelei Xue-Lei Fan added a comment -
            "Signature algorithm name" is the signature algorithm name, but not the public key name. For example, the public key may be a RSA key, but signed with EC algorithm. The message may looks like:

                Subject Public Key Algorithm: RSA (2048)

            Good to have the detailed public key info.
            Show
            xuelei Xue-Lei Fan added a comment - "Signature algorithm name" is the signature algorithm name, but not the public key name. For example, the public key may be a RSA key, but signed with EC algorithm. The message may looks like:     Subject Public Key Algorithm: RSA (2048) Good to have the detailed public key info.
            Hide
            wetmore Bradford Wetmore added a comment -
            +1 to Xuelei's comments.
            Show
            wetmore Bradford Wetmore added a comment - +1 to Xuelei's comments.
            Hide
            weijun Weijun Wang added a comment - - edited
            Got it. Openssl has

                    Subject Public Key Info:
                        Public Key Algorithm: rsaEncryption
                        RSA Public Key: (2048 bit)
                            Modulus (2048 bit):
                                00:8e:43:ea:e9:79:11:b1:62:69:05:d0:66:90:8c:
                                b2:6d:86:70:15:66:69:fe:cf:48:7a:c2:32:9f:8f:
                                ce:dd:91:3b:25:92:fd:9a:f1:3f:62:4a:75:b0:3a:
                                d8:b7:ef:26:f3:d3:f2:72:19:a1:9f:0f:92:ba:e3:
                                fc:30:8c:3f:a0:1b:43:9b:c5:a0:1c:93:cd:af:27:
                                2f:68:6f:fc:86:3a:23:7e:40:d3:57:24:96:e2:75:
                                d7:b1:57:61:64:1f:fd:6f:e3:7b:f7:f8:23:d6:c1:
                                c2:0b:dd:35:f1:fe:b5:21:2e:7d:63:ae:09:b9:fa:
                                32:13:7b:72:56:3c:c9:37:e9:6b:f6:6e:f0:01:e4:
                                58:e6:ff:b4:4f:4e:71:a6:44:46:02:01:3f:2f:de:
                                34:ba:71:a7:ba:ed:c5:7e:5e:fb:a8:47:69:54:06:
                                a7:ea:12:82:df:30:f6:0a:95:bd:f3:13:67:69:60:
                                c2:70:86:71:78:88:7e:dd:1d:0b:b8:36:d9:71:1c:
                                dd:e6:9a:08:54:8b:b4:68:ff:36:13:6c:37:33:cb:
                                aa:23:12:b7:de:46:2b:b8:3b:87:d9:a0:fc:cf:0d:
                                4e:7e:84:a3:d1:88:81:15:57:91:52:ee:c4:9a:a9:
                                58:1c:b1:7f:db:ce:d4:aa:83:d9:28:b2:cd:77:b9:
                                d2:79
                            Exponent: 65537 (0x10001)

            or

                    Subject Public Key Info:
                        Public Key Algorithm: id-ecPublicKey
                        EC Public Key:
                            pub:
                                04:e4:7b:b0:b0:79:7f:8c:d7:10:20:5b:03:37:dc:
                                0b:cd:ab:c9:c0:da:0c:68:c5:7e:d3:5c:da:cb:34:
                                8d:67:b4:97:53:fd:81:dc:43:02:10:40:2c:06:f6:
                                88:48:80:58:a3:f1:56:56:a3:ea:83:6d:51:a4:d1:
                                01:05:a2:17:12
                            ASN1 OID: prime256v1

            or

                    Subject Public Key Info:
                        Public Key Algorithm: dsaEncryption
                        DSA Public Key:
                            pub:
                                00:bd:13:66:d9:e4:0a:57:34:56:be:70:05:0e:dc:
                                04:ed:6b:b1:80:b6:72:14:49:4a:8d:16:5a:ab:dd:
                                8c:67:da:2c:dc:8c:47:14:d6:65:27:ba:79:b2:cd:
                                ca:63:04:4c:6d:d2:8d:76:fe:09:4d:90:9f:d6:86:
                                93:8d:43:17:c8:4c:ef:6c:f2:34:d9:f5:f0:b0:9b:
                                f6:21:9f:72:ba:0d:41:01:16:5a:c9:d0:fb:a6:85:
                                d4:a9:be:c3:ae:60:e5:99:ec:08:70:21:56:a8:f4:
                                0e:0b:da:ab:62:7a:1c:7f:0e:b3:e3:96:3e:27:c5:
                                85:8b:41:42:16:08:a8:20:41
                            P:
                                00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec:
                                e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6:
                                51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf:
                                c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34:
                                6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b:
                                10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7:
                                c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35:
                                54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef:
                                f2:22:03:19:9d:d1:48:01:c7
                            Q:
                                00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb:
                                84:0b:f0:58:1c:f5
                            G:
                                00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8:
                                57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d:
                                07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10:
                                81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09:
                                32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3:
                                ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62:
                                f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89:
                                a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55:
                                25:64:01:4c:3b:fe:cf:49:2a

            How much do you need?

            BTW, it seems cert.getPublicKey().toString() contains all same info. Just not very beautified.
            Show
            weijun Weijun Wang added a comment - - edited Got it. Openssl has         Subject Public Key Info:             Public Key Algorithm: rsaEncryption             RSA Public Key: (2048 bit)                 Modulus (2048 bit):                     00:8e:43:ea:e9:79:11:b1:62:69:05:d0:66:90:8c:                     b2:6d:86:70:15:66:69:fe:cf:48:7a:c2:32:9f:8f:                     ce:dd:91:3b:25:92:fd:9a:f1:3f:62:4a:75:b0:3a:                     d8:b7:ef:26:f3:d3:f2:72:19:a1:9f:0f:92:ba:e3:                     fc:30:8c:3f:a0:1b:43:9b:c5:a0:1c:93:cd:af:27:                     2f:68:6f:fc:86:3a:23:7e:40:d3:57:24:96:e2:75:                     d7:b1:57:61:64:1f:fd:6f:e3:7b:f7:f8:23:d6:c1:                     c2:0b:dd:35:f1:fe:b5:21:2e:7d:63:ae:09:b9:fa:                     32:13:7b:72:56:3c:c9:37:e9:6b:f6:6e:f0:01:e4:                     58:e6:ff:b4:4f:4e:71:a6:44:46:02:01:3f:2f:de:                     34:ba:71:a7:ba:ed:c5:7e:5e:fb:a8:47:69:54:06:                     a7:ea:12:82:df:30:f6:0a:95:bd:f3:13:67:69:60:                     c2:70:86:71:78:88:7e:dd:1d:0b:b8:36:d9:71:1c:                     dd:e6:9a:08:54:8b:b4:68:ff:36:13:6c:37:33:cb:                     aa:23:12:b7:de:46:2b:b8:3b:87:d9:a0:fc:cf:0d:                     4e:7e:84:a3:d1:88:81:15:57:91:52:ee:c4:9a:a9:                     58:1c:b1:7f:db:ce:d4:aa:83:d9:28:b2:cd:77:b9:                     d2:79                 Exponent: 65537 (0x10001) or         Subject Public Key Info:             Public Key Algorithm: id-ecPublicKey             EC Public Key:                 pub:                     04:e4:7b:b0:b0:79:7f:8c:d7:10:20:5b:03:37:dc:                     0b:cd:ab:c9:c0:da:0c:68:c5:7e:d3:5c:da:cb:34:                     8d:67:b4:97:53:fd:81:dc:43:02:10:40:2c:06:f6:                     88:48:80:58:a3:f1:56:56:a3:ea:83:6d:51:a4:d1:                     01:05:a2:17:12                 ASN1 OID: prime256v1 or         Subject Public Key Info:             Public Key Algorithm: dsaEncryption             DSA Public Key:                 pub:                     00:bd:13:66:d9:e4:0a:57:34:56:be:70:05:0e:dc:                     04:ed:6b:b1:80:b6:72:14:49:4a:8d:16:5a:ab:dd:                     8c:67:da:2c:dc:8c:47:14:d6:65:27:ba:79:b2:cd:                     ca:63:04:4c:6d:d2:8d:76:fe:09:4d:90:9f:d6:86:                     93:8d:43:17:c8:4c:ef:6c:f2:34:d9:f5:f0:b0:9b:                     f6:21:9f:72:ba:0d:41:01:16:5a:c9:d0:fb:a6:85:                     d4:a9:be:c3:ae:60:e5:99:ec:08:70:21:56:a8:f4:                     0e:0b:da:ab:62:7a:1c:7f:0e:b3:e3:96:3e:27:c5:                     85:8b:41:42:16:08:a8:20:41                 P:                     00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec:                     e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6:                     51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf:                     c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34:                     6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b:                     10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7:                     c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35:                     54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef:                     f2:22:03:19:9d:d1:48:01:c7                 Q:                     00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb:                     84:0b:f0:58:1c:f5                 G:                     00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8:                     57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d:                     07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10:                     81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09:                     32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3:                     ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62:                     f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89:                     a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55:                     25:64:01:4c:3b:fe:cf:49:2a How much do you need? BTW, it seems cert.getPublicKey().toString() contains all same info. Just not very beautified.
            Hide
            hgupdate HG Updates added a comment -
            URL: http://hg.openjdk.java.net/jdk9/dev/jdk/rev/ad3535f3abd2
            User: weijun
            Date: 2014-10-14 02:09:07 +0000
            Show
            hgupdate HG Updates added a comment - URL: http://hg.openjdk.java.net/jdk9/dev/jdk/rev/ad3535f3abd2 User: weijun Date: 2014-10-14 02:09:07 +0000
            Hide
            hgupdate HG Updates added a comment -
            URL: http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/ad3535f3abd2
            User: lana
            Date: 2014-10-22 18:55:37 +0000
            Show
            hgupdate HG Updates added a comment - URL: http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/ad3535f3abd2 User: lana Date: 2014-10-22 18:55:37 +0000

              People

              • Assignee:
                weijun Weijun Wang
                Reporter:
                xuelei Xue-Lei Fan
              • Votes:
                0 Vote for this issue
                Watchers:
                9 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: