Escapes commas in dname when generating the signing key (#395)

* Escapes commas in dname when generating the signing key See https://stackoverflow.com/questions/11808391/keytool-error-java-io-ioexceptionincorrect-ava-format
GoogleChromeLabs · Nov 9, 2020 · df3443a · df3443a
1 parent e93ea14
commit df3443a
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 7 deletions.
diff --git a/packages/core/src/lib/jdk/KeyTool.ts b/packages/core/src/lib/jdk/KeyTool.ts
@@ -72,8 +72,10 @@ export class KeyTool {
     const keytoolCmd = [
       'keytool',
       '-genkeypair',
-      `-dname "cn=${keyOptions.fullName}, ou=${keyOptions.organizationalUnit}, ` +
-          `o=${keyOptions.organization}, c=${keyOptions.country}"`,
+      `-dname "cn=${KeyTool.escapeDName(keyOptions.fullName)}, ` +
+          `ou=${KeyTool.escapeDName(keyOptions.organizationalUnit)}, ` +
+          `o=${KeyTool.escapeDName(keyOptions.organization)}, ` +
+          `c=${KeyTool.escapeDName(keyOptions.country)}"`,
       `-alias \"${keyOptions.alias}\"`,
       `-keypass \"${keyOptions.keypassword}\"`,
       `-keystore \"${keyOptions.path}\"`,
@@ -122,6 +124,13 @@ export class KeyTool {
     return KeyTool.parseKeyInfo(rawKeyInfo);
   }
 
+  /**
+   * The commas in the dname field from key tool must be escaped, so that 'te,st' becomes 'te\,st'.
+   */
+  private static escapeDName(input: string): string {
+    return input.replace(/,/g, '\\,');
+  }
+
   /**
    * Parses the output of `keytool --list` and returns a structured {@link KeyInfo}. Currently,
    * only extracts the fingerprints.

diff --git a/packages/core/src/spec/lib/jdk/KeyToolSpec.ts b/packages/core/src/spec/lib/jdk/KeyToolSpec.ts
@@ -58,9 +58,9 @@ describe('KeyTool', () => {
       alias: 'keyalias',
       keypassword: 'keypass',
       password: 'pass',
-      fullName: 'Test User',
-      organization: 'Test Organization',
-      organizationalUnit: 'Testers',
+      fullName: 'Test, User',
+      organization: 'Test, Organization',
+      organizationalUnit: 'Tes,ters',
       country: 'GB',
     } as CreateKeyOptions;
 
@@ -72,8 +72,8 @@ describe('KeyTool', () => {
       expect(util.execute).toHaveBeenCalledWith([
         'keytool',
         '-genkeypair',
-        `-dname "cn=${keyOptions.fullName}, ou=${keyOptions.organizationalUnit}, ` +
-            `o=${keyOptions.organization}, c=${keyOptions.country}"`,
+        '-dname "cn=Test\\, User, ou=Tes\\,ters, ' +
+            `o=Test\\, Organization, c=${keyOptions.country}"`,
         `-alias "${keyOptions.alias}"`,
         `-keypass "${keyOptions.keypassword}"`,
         `-keystore "${keyOptions.path}"`,