-
Bug
-
Resolution: Fixed
-
P3
-
8u65, 9
-
b133
-
x86_64
-
generic
FULL PRODUCT VERSION :
- Java(TM) SE Runtime Environment (build 1.8.0_65-b17); Java HotSpot(TM) 64-Bit Server VM (build 25.65-b01, mixed mode)
- Java(TM) SE Runtime Environment (build 1.8.0_65-b17); Java HotSpot(TM) Client VM (build 25.65-b01, mixed mode)
- Java(TM) SE Runtime Environment (build 1.7.0_79-b15); Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode)
- Java(TM) SE Runtime Environment (build 1.7.0_79-b15); Java HotSpot(TM) Client VM (build 24.79-b02, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
- Windows 7 Professional (64-bit) with Service Pack 1
- Debian GNU/Linux 7.9; 3.2.0-4-686-pae #1 SMP Debian 3.2.68-1+deb7u4 i686 GNU/Linux
A DESCRIPTION OF THE PROBLEM :
keytool can wrongly parse the start date value given by the -startdate option, if it is given in the form of "yyyy/MM/dd HH:mm:ss" or "HH:mm:ss".
For example, if you generate a key pair by specifying the start date as "12:34:56", then the generated key pair should be valid from 12:34:56 today. However, it is actually valid from 12:12:12 today. Below is a sample output on Windows platform.
---- quote ----
C:\Temp>"C:\Program Files\Java\jdk1.8.0_65\bin\keytool.exe" -genkeypair -dname "cn=sample,dc=example,dc=com" -startdate "12:34:56" -keystore sample.keystore
Enter keystore password:
Re-enter new password:
Enter key password for <mykey>
(RETURN if same as keystore password):
C:\Temp>"C:\Program Files\Java\jdk1.8.0_65\bin\keytool.exe" -list -v -keystore sample.keystore
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: mykey
Creation date: 28 Oct, 2015
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=sample, DC=example, DC=com
Issuer: CN=sample, DC=example, DC=com
Serial number: 7492b9ba
Valid from: Wed Oct 28 12:12:12 JST 2015 until: Tue Jan 26 12:12:12 JST 2016
Certificate fingerprints:
MD5: F3:DC:7F:3E:AA:D0:C2:E9:60:7B:DF:16:A1:3E:49:64
SHA1: 06:00:18:C4:24:D1:03:94:CA:34:35:98:68:DD:67:55:6C:10:81:CA
SHA256: A6:D4:1F:F9:AE:9B:1E:6B:F9:92:0F:F3:94:4D:44:7B:54:BA:D5:14:A6:94:BB:AB:6F:C7:4E:2D:73:17:EE:E6
Signature algorithm name: SHA1withDSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 0C 32 D9 54 A9 23 BA 8B A2 C4 75 15 68 2B 49 52 .2.T.#....u.h+IR
0010: 23 F9 89 86 #...
]
]
*******************************************
*******************************************
C:\Temp>
----unquote----
It is reproduced in both JDK7 and JDK8 on both Windows and Linux platforms.
The time of the start date given in the form of "HH:mm:ss" is always parsed wrongly into "HH:HH:HH".
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1) Execute keytool to generate a key pair by specifying the start date in the form of "yyyy//MM/dd HH:mm:ss" or "HH:mm:ss".
e.g. keytool -genkeypair -dn "cn=sample,dc=example,dc=com" -startdate "2015/10/28 12:00:00" -keystore sample.keystore
2) View the generated key pair.
e.g. keytool -list -v -keystore sample.keystore
And you will find the validity starts from 12:12:12 instead of 12:00:00.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The validity should start at 12:34:56 today, if you give "12:34:56" for the -startdate option.
The validity should start at 12:00:00 on Oct 28, 2015, if you give "2015/10/28 12:00:00" for the -startdate option.
ACTUAL -
If you give "12:34:56" for the -startdate option, then the generated key pair claims it is valid from 12:12:12 today.
If you give "2015/10/28 12:00:00" for the -startdate option, then the generated key pair claims it is valid from 12:12:12 on Oct 28, 2015.
REPRODUCIBILITY :
This bug can be reproduced always.
- Java(TM) SE Runtime Environment (build 1.8.0_65-b17); Java HotSpot(TM) 64-Bit Server VM (build 25.65-b01, mixed mode)
- Java(TM) SE Runtime Environment (build 1.8.0_65-b17); Java HotSpot(TM) Client VM (build 25.65-b01, mixed mode)
- Java(TM) SE Runtime Environment (build 1.7.0_79-b15); Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode)
- Java(TM) SE Runtime Environment (build 1.7.0_79-b15); Java HotSpot(TM) Client VM (build 24.79-b02, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
- Windows 7 Professional (64-bit) with Service Pack 1
- Debian GNU/Linux 7.9; 3.2.0-4-686-pae #1 SMP Debian 3.2.68-1+deb7u4 i686 GNU/Linux
A DESCRIPTION OF THE PROBLEM :
keytool can wrongly parse the start date value given by the -startdate option, if it is given in the form of "yyyy/MM/dd HH:mm:ss" or "HH:mm:ss".
For example, if you generate a key pair by specifying the start date as "12:34:56", then the generated key pair should be valid from 12:34:56 today. However, it is actually valid from 12:12:12 today. Below is a sample output on Windows platform.
---- quote ----
C:\Temp>"C:\Program Files\Java\jdk1.8.0_65\bin\keytool.exe" -genkeypair -dname "cn=sample,dc=example,dc=com" -startdate "12:34:56" -keystore sample.keystore
Enter keystore password:
Re-enter new password:
Enter key password for <mykey>
(RETURN if same as keystore password):
C:\Temp>"C:\Program Files\Java\jdk1.8.0_65\bin\keytool.exe" -list -v -keystore sample.keystore
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: mykey
Creation date: 28 Oct, 2015
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=sample, DC=example, DC=com
Issuer: CN=sample, DC=example, DC=com
Serial number: 7492b9ba
Valid from: Wed Oct 28 12:12:12 JST 2015 until: Tue Jan 26 12:12:12 JST 2016
Certificate fingerprints:
MD5: F3:DC:7F:3E:AA:D0:C2:E9:60:7B:DF:16:A1:3E:49:64
SHA1: 06:00:18:C4:24:D1:03:94:CA:34:35:98:68:DD:67:55:6C:10:81:CA
SHA256: A6:D4:1F:F9:AE:9B:1E:6B:F9:92:0F:F3:94:4D:44:7B:54:BA:D5:14:A6:94:BB:AB:6F:C7:4E:2D:73:17:EE:E6
Signature algorithm name: SHA1withDSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 0C 32 D9 54 A9 23 BA 8B A2 C4 75 15 68 2B 49 52 .2.T.#....u.h+IR
0010: 23 F9 89 86 #...
]
]
*******************************************
*******************************************
C:\Temp>
----unquote----
It is reproduced in both JDK7 and JDK8 on both Windows and Linux platforms.
The time of the start date given in the form of "HH:mm:ss" is always parsed wrongly into "HH:HH:HH".
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1) Execute keytool to generate a key pair by specifying the start date in the form of "yyyy//MM/dd HH:mm:ss" or "HH:mm:ss".
e.g. keytool -genkeypair -dn "cn=sample,dc=example,dc=com" -startdate "2015/10/28 12:00:00" -keystore sample.keystore
2) View the generated key pair.
e.g. keytool -list -v -keystore sample.keystore
And you will find the validity starts from 12:12:12 instead of 12:00:00.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The validity should start at 12:34:56 today, if you give "12:34:56" for the -startdate option.
The validity should start at 12:00:00 on Oct 28, 2015, if you give "2015/10/28 12:00:00" for the -startdate option.
ACTUAL -
If you give "12:34:56" for the -startdate option, then the generated key pair claims it is valid from 12:12:12 today.
If you give "2015/10/28 12:00:00" for the -startdate option, then the generated key pair claims it is valid from 12:12:12 on Oct 28, 2015.
REPRODUCIBILITY :
This bug can be reproduced always.