diff options
| author | Brian Carlstrom <bdc@google.com> | 2010-03-09 11:30:13 -0800 |
|---|---|---|
| committer | Brian Carlstrom <bdc@google.com> | 2010-03-09 14:22:00 -0800 |
| commit | 5fac0c6c58f9ca7eaa86396f35a87b23ea092c99 (patch) | |
| tree | 2af035946f126c88c923afd9b8df24b7833f832e /security/src | |
| parent | c4653e6d009058c2986ebb4dc172178359f22da3 (diff) | |
| download | libcore-5fac0c6c58f9ca7eaa86396f35a87b23ea092c99.zip libcore-5fac0c6c58f9ca7eaa86396f35a87b23ea092c99.tar.gz libcore-5fac0c6c58f9ca7eaa86396f35a87b23ea092c99.tar.bz2 | |
Fix certimport.sh to check for Bouncy Castle provider installation (and add 1.6 JDK to PATH)
Now if certimport.sh is run on a machine without the
BouncyCastleProvider installed, it will suggest how to apt-get install
the proper package.
At enh's suggestion, I tried running with out own local Bouncy Castle
classes to see what would happen, but the code ended up depending on
our NativeCrypto JNI code and there that isn't proper JNI code to be
loading into a RI JDK.
Also at enh's suggestion, we now prepend a JDK 1.6 bin directory to
the path for correctly correct default behavior. I do make sure it
exists and warn if it does not.
Change-Id: Ic936a6cc69fa3795e917c052ed79d19b2e66b5a1
Diffstat (limited to 'security/src')
| -rwxr-xr-x | security/src/main/files/certimport.sh | 36 |
1 files changed, 32 insertions, 4 deletions
diff --git a/security/src/main/files/certimport.sh b/security/src/main/files/certimport.sh index c021a10..ca36a70 100755 --- a/security/src/main/files/certimport.sh +++ b/security/src/main/files/certimport.sh @@ -7,12 +7,40 @@ set -e CERTSTORE=cacerts.bks +# put required 1.6 VM at head of PATH +JDK6PATH=/usr/lib/jvm/java-6-sun/bin +if [ ! -e $JDK6PATH/java ] ; then + set +x + echo + echo "WARNING: could not find $JDK6PATH/java but continuing anyway." + echo " you might consider making sure the expected JDK is installed" + echo " or updating its location in this script." + echo + set -x +fi +export PATH=$JDK6PATH:$PATH + # Check java version. JAVA_VERSION=`java -version 2>&1 | head -1` JAVA_VERSION_MINOR=`expr match "$JAVA_VERSION" "java version \"[1-9]\.\([0-9]\).*\""` if [ $JAVA_VERSION_MINOR -lt 6 ]; then - echo "java version 1.6 or greater required for keytool usage" - exit 255 + set +x + echo + echo "ERROR: java version 1.6 or greater required for keytool usage" + echo + exit 1 +fi + +PROVIDER_CLASS=org.bouncycastle.jce.provider.BouncyCastleProvider +PROVIDER_PATH=/usr/share/java/bcprov.jar + +if [ ! -e $PROVIDER_PATH ] ; then + set +x + echo + echo "ERROR: could not find provider path $PROVIDER_PATH. Try installing with:" + echo " sudo apt-get install libbcprov-java" + echo + exit 1 fi if [ -a $CERTSTORE ]; then @@ -34,8 +62,8 @@ for cert in `ls -1 cacerts` -file <(openssl x509 -in cacerts/$cert) \ -keystore $CERTSTORE \ -storetype BKS \ - -provider org.bouncycastle.jce.provider.BouncyCastleProvider \ - -providerpath /usr/share/java/bcprov.jar \ + -provider $PROVIDER_CLASS \ + -providerpath $PROVIDER_PATH \ -storepass $STOREPASS let "COUNTER=$COUNTER + 1" done |