Hi Philipp, Thanks for looking into this.
We have thought about this several years ago (when ToolProvider was created and javac became a tool) but had decided not to do it. There were several reasons: 1. These tools have too many functions, esp, keytool. 2. There are user interactions that do not match the ToolProvider style, especially, the password input. 3. A lot of functions are already available through public APIs, for example, verification of signed jars, reading certificates, managing entries in a keystore. So at last we decided to only extract some functions (that can only be down with the tool) into individual APIs and let these tools call them. This includes: 1. Signing of jars. 2. Generating certificates and certificate requests. The first is now a JDK API. The second one is stalled. We are not sure how useful it is and it’s a pain describing X.509 extensions. Any more discussion is welcome. Thanks, Max > 在 2019年2月27日,15:25,Philipp Kunz <philipp.k...@paratix.ch> 写道: > > Quite a few command line tools are available through > java.util.spi.ToolProvider. But not so jarsigner and keytool.
