JDK-8029659 : Keytool, print key algorithm of certificate or key entry
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P4
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2013-12-06
  • Updated: 2018-02-08
  • Resolved: 2014-10-14
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7 JDK 8 JDK 9 Other
7u171Fixed 8u151Fixed 9 b36Fixed openjdk7uFixed
Related Reports
Relates :  
JDK-8181737 - Support secret keys and trusted certs in PKCS12 keystore
Sub Tasks
JDK-8185696 :  
Release Note: keytool now prints out information of a certificate's public key - Closed
Description
keytool -list and -printcert option cannot show subject public key algorithms of a certificate.  Nice to have this feature to make it easier to identify what the subject key algorithm is used.
Comments
Got it. Openssl has Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (2048 bit) Modulus (2048 bit): 00:8e:43:ea:e9:79:11:b1:62:69:05:d0:66:90:8c: b2:6d:86:70:15:66:69:fe:cf:48:7a:c2:32:9f:8f: ce:dd:91:3b:25:92:fd:9a:f1:3f:62:4a:75:b0:3a: d8:b7:ef:26:f3:d3:f2:72:19:a1:9f:0f:92:ba:e3: fc:30:8c:3f:a0:1b:43:9b:c5:a0:1c:93:cd:af:27: 2f:68:6f:fc:86:3a:23:7e:40:d3:57:24:96:e2:75: d7:b1:57:61:64:1f:fd:6f:e3:7b:f7:f8:23:d6:c1: c2:0b:dd:35:f1:fe:b5:21:2e:7d:63:ae:09:b9:fa: 32:13:7b:72:56:3c:c9:37:e9:6b:f6:6e:f0:01:e4: 58:e6:ff:b4:4f:4e:71:a6:44:46:02:01:3f:2f:de: 34:ba:71:a7:ba:ed:c5:7e:5e:fb:a8:47:69:54:06: a7:ea:12:82:df:30:f6:0a:95:bd:f3:13:67:69:60: c2:70:86:71:78:88:7e:dd:1d:0b:b8:36:d9:71:1c: dd:e6:9a:08:54:8b:b4:68:ff:36:13:6c:37:33:cb: aa:23:12:b7:de:46:2b:b8:3b:87:d9:a0:fc:cf:0d: 4e:7e:84:a3:d1:88:81:15:57:91:52:ee:c4:9a:a9: 58:1c:b1:7f:db:ce:d4:aa:83:d9:28:b2:cd:77:b9: d2:79 Exponent: 65537 (0x10001) or Subject Public Key Info: Public Key Algorithm: id-ecPublicKey EC Public Key: pub: 04:e4:7b:b0:b0:79:7f:8c:d7:10:20:5b:03:37:dc: 0b:cd:ab:c9:c0:da:0c:68:c5:7e:d3:5c:da:cb:34: 8d:67:b4:97:53:fd:81:dc:43:02:10:40:2c:06:f6: 88:48:80:58:a3:f1:56:56:a3:ea:83:6d:51:a4:d1: 01:05:a2:17:12 ASN1 OID: prime256v1 or Subject Public Key Info: Public Key Algorithm: dsaEncryption DSA Public Key: pub: 00:bd:13:66:d9:e4:0a:57:34:56:be:70:05:0e:dc: 04:ed:6b:b1:80:b6:72:14:49:4a:8d:16:5a:ab:dd: 8c:67:da:2c:dc:8c:47:14:d6:65:27:ba:79:b2:cd: ca:63:04:4c:6d:d2:8d:76:fe:09:4d:90:9f:d6:86: 93:8d:43:17:c8:4c:ef:6c:f2:34:d9:f5:f0:b0:9b: f6:21:9f:72:ba:0d:41:01:16:5a:c9:d0:fb:a6:85: d4:a9:be:c3:ae:60:e5:99:ec:08:70:21:56:a8:f4: 0e:0b:da:ab:62:7a:1c:7f:0e:b3:e3:96:3e:27:c5: 85:8b:41:42:16:08:a8:20:41 P: 00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec: e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6: 51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf: c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34: 6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b: 10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7: c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35: 54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef: f2:22:03:19:9d:d1:48:01:c7 Q: 00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb: 84:0b:f0:58:1c:f5 G: 00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8: 57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d: 07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10: 81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09: 32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3: ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62: f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89: a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55: 25:64:01:4c:3b:fe:cf:49:2a How much do you need? BTW, it seems cert.getPublicKey().toString() contains all same info. Just not very beautified.
16-01-2014
+1 to Xuelei's comments.
15-01-2014
"Signature algorithm name" is the signature algorithm name, but not the public key name. For example, the public key may be a RSA key, but signed with EC algorithm. The message may looks like: Subject Public Key Algorithm: RSA (2048) Good to have the detailed public key info.
15-01-2014
With -v it already shows a field named "Signature algorithm name". Is that enough to derive the algorithm name of private/public keys? Or, if any other info is needed, please give an output example.
06-12-2013