in modules/jdktools/src/main/java/org/apache/harmony/tools/keytool/HelpPrinter.java [132:320]
static void topicHelp(String topic) {
StringBuffer topicMsg = new StringBuffer();
if (topic.equalsIgnoreCase("certreq")) {
topicMsg.append(" Generates a Certificate Signing Request "
+ "(CSR). The request is generated\n");
topicMsg.append(" based on data taken from keystore entry "
+ "associated with alias given.\n");
topicMsg.append(" The certificate request "
+ "is printed to a file, if its name is supplied\n");
topicMsg.append(" or otherwise printed to stdout.\n");
topicMsg.append("\ncertreq Usage:\n");
topicMsg.append(certReq + alias + certReqFile + newLine + sigAlg
+ keyPass + ksTypePassVProvCacerts);
} else if (topic.equalsIgnoreCase("checkcrl")) {
topicMsg.append(" Checks if the certificate given in the file "
+ "is contained in the CRL which\n");
topicMsg.append(" is stored in the CRL file. If the file "
+ "name is not given, stdin is used.\n");
topicMsg.append("\ncheckcrl Usage:\n");
topicMsg.append(checkCRL + certFile + crlFile
+ ksTypePassVProvCacerts);
} else if (topic.equalsIgnoreCase("convert")) {
topicMsg.append(" Converts keystore to another format.\n"
+ " If \"-convkeys\" option has been specified, "
+ "an attempt to convert\n key entries is performed."
+ " Only entries with password equal to \n"
+ " keystore password are converted.\n");
topicMsg.append("\nconvert Usage:\n");
topicMsg.append(convert + convStoreType + convKeyStore + newLine
+ convStorePass + convKeys + ksTypePassVProvCacerts);
} else if (topic.equalsIgnoreCase("delete")) {
topicMsg.append(" Removes from the keystore the entry "
+ "associated with alias.\n");
topicMsg.append("\ndelete Usage:\n");
topicMsg.append(delete + alias + ksTypePassVProvCacerts);
} else if (topic.equalsIgnoreCase("export")) {
topicMsg.append(" Reads an X.509 certificate associated with "
+ "alias and prints it into the\n");
topicMsg.append(" given file. If The file");
topicMsg.append(" name is not given, the certificate is printed\n"
+ " to stdout.\n");
topicMsg.append("\nexport Usage:\n");
topicMsg.append(export + verboseOrRfc + alias + certFile
+ ksTypePassVProvCacerts);
} else if (topic.equalsIgnoreCase("genkey")) {
topicMsg.append(" Generates a key pair or a secret key."
+ " Key pair is composed of a private\n");
topicMsg.append(" and a public key. Wraps the public key "
+ "into a self-signed X.509\n");
topicMsg.append(" (v1, v2, v3) certificate and puts the "
+ "certificate into a single-element\n");
topicMsg.append(" certificate chain or signs the certificate "
+ "with private key from another\n");
topicMsg.append(" key entry and adds its chain to the newly "
+ "generated certificate . After\n");
topicMsg.append(" that adds to the keystore a new "
+ "entry containing the generated\n");
topicMsg.append(" private key and the chain. If a secret key is "
+ "generated it is put into a\n");
topicMsg
.append(" secret key entry, with null certificate chain.\n");
topicMsg
.append(" If \"-ca\" option is specified, generated certificate\n");
topicMsg
.append(" will can be used for signing another certificates.\n");
topicMsg
.append(" If \"-secretkey\" option is specified, a secret key will.\n");
topicMsg
.append(" be generated instead of key pair and a certificate which\n");
topicMsg.append(" are generated by default. \n");
topicMsg.append("\ngenkey usage\n");
topicMsg.append(genKey + alias + keyAlg + newLine + keySize
+ sigAlg + newLine + validity + dName + newLine
+ x509version + ca + serialNum + newLine + secretKey
+ keyPass + newLine + issuer + issuerPass
+ ksTypePassVProvCacerts);
} else if (topic.equalsIgnoreCase("help")) {
printHelp();
} else if (topic.equalsIgnoreCase("import")) {
topicMsg.append(" Reads an X.509 certificate or a PKCS#7 "
+ "formatted certificate chain from\n");
topicMsg.append(" the file specified in param and puts it "
+ "into the entry identified by the\n");
topicMsg.append(" supplied alias. If the input file is "
+ "not specified, the certificates are\n");
topicMsg.append(" read from the standard input.\n");
topicMsg.append("\nimport Usage:\n");
topicMsg.append(sImport + alias + certFile + newLine + noPrompt
+ trustCAcerts + newLine + keyPass + cacerts + newLine
+ cacertsPass + ksTypePassVProvCacerts);
} else if (topic.equalsIgnoreCase("keyclone")) {
topicMsg.append(" Copies the key and the certificate "
+ "chain (if any) from the keystore entry\n");
topicMsg.append(" identified by given alias into a newly "
+ "created one with given destination.\n");
topicMsg.append("\nkeyclone Usage:\n");
topicMsg.append(keyClone + alias + dest + newLine + sNew + keyPass
+ ksTypePassVProvCacerts);
} else if (topic.equalsIgnoreCase("keypasswd")) {
topicMsg.append(" Changes the key password to the new one.\n");
topicMsg.append("\nkeypasswd Usage:\n");
topicMsg.append(keyPasswd + alias + oldKeyPass + newLine + sNew
+ ksTypePassVProvCacerts);
} else if (topic.equalsIgnoreCase("list")) {
topicMsg.append(" Prints the contents of the entry associated "
+ "with the alias given. \n");
topicMsg.append(" If no alias is specified, the contents of "
+ "the entire keystore are printed.\n");
topicMsg.append("\nlist Usage:\n");
topicMsg.append(list + verboseOrRfc + alias
+ ksTypePassVProvCacerts);
} else if (topic.equalsIgnoreCase("printcert")) {
topicMsg.append(" Prints the detailed description of a "
+ "certificate in a human-readable\n");
topicMsg.append(" format: its owner and issuer, serial number, "
+ "validity period and\n");
topicMsg.append(" fingerprints.\n");
topicMsg.append("\nprintcert Usage:\n");
topicMsg.append(printCert + verbose + certFile + doubleNewLine);
} else if (topic.equalsIgnoreCase("selfcert")) {
topicMsg.append(" Generates an X.509 (v1, v2, v3) self-signed "
+ "certificate using a key pair\n");
topicMsg.append(" associated with alias. "
+ "If X.500 Distinguished Name is supplied it is \n");
topicMsg.append(" used as both subject and issuer of the"
+ "certificate. Otherwise the\n");
topicMsg.append(" distinguished name associated with alias is"
+ " used. Signature algorithm,\n");
topicMsg.append(" validity period and certificate serial"
+ " number are taken from command line if \n");
topicMsg.append(" defined there or "
+ "from the keystore entry identified by alias.\n");
topicMsg
.append(" If \"-ca\" option is specified, generated certificate\n");
topicMsg
.append(" will can be used for signing another certificates.\n");
topicMsg
.append(" If \"-secretkey\" option is specified, a secret key will.\n");
topicMsg
.append(" be generated instead of key pair and a certificate which\n");
topicMsg.append(" are generated by default. \n");
topicMsg.append("\nselfcert Usage:\n");
topicMsg.append(selfCert + alias + dName + newLine + validity
+ sigAlg + newLine + keyPass + ca + serialNum
+ ksTypePassVProvCacerts);
} else if (topic.equalsIgnoreCase("storepasswd")) {
topicMsg.append(" Changes the keystore password to the new one.\n");
topicMsg.append("\nstorepasswd Usage:\n");
topicMsg.append(storePasswd + sNew + ksTypePassVProvCacerts);
} else if (topic.equalsIgnoreCase("verify")) {
topicMsg.append(" A cerificate chain is built by looking up "
+ "the certificate of the issuer\n");
topicMsg.append(" of the current certificate. If a sertificate "
+ "is self-signed it is assumed\n");
topicMsg.append(" to be the root CA. After that the certificates "
+ "are searched in the lists\n");
topicMsg.append(" of revoked certificates. Certificate signatures "
+ "are checked and\n");
topicMsg.append(" certificate path is built in the same way as in "
+ "import operation. If an\n");
topicMsg.append(" error occurs the flow is not stopped but an "
+ "attempt to continue is made.\n");
topicMsg.append(" The results of the verification are"
+ " printed to stdout.\n");
topicMsg.append("\nverify Usage:\n");
topicMsg.append(verify + certFile + crlFile + newLine
+ trustCAcerts + cacerts + newLine + cacertsPass
+ ksTypePassVProvCacerts);
} else {
System.out.println("The option with name <" + topic
+ "> is unknown.");
printHelp();
return;
}
System.out.println(topicMsg);
}