--- old/doc-files/javafxsdk.tbom 2016-12-01 17:22:57.000000000 -0800
+++ new/doc-files/javafxsdk.tbom 2016-12-01 17:22:57.000000000 -0800
@@ -134,4 +134,9 @@
file-type="JavaProperties"/>
+
+
+
+
--- old/modules/jdk.packager/src/main/java/com/oracle/tools/packager/IOUtils.java 2016-12-01 17:22:58.000000000 -0800
+++ new/modules/jdk.packager/src/main/java/com/oracle/tools/packager/IOUtils.java 2016-12-01 17:22:58.000000000 -0800
@@ -153,7 +153,7 @@
String lineRead;
while ((lineRead = br.readLine()) != null) {
if (consumer != null) {
- consumer.print(lineRead);
+ consumer.print(lineRead + '\n');
} else if (verbose) {
Log.info(lineRead);
} else {
--- old/modules/jdk.packager/src/main/java/com/oracle/tools/packager/mac/MacAppBundler.java 2016-12-01 17:22:59.000000000 -0800
+++ new/modules/jdk.packager/src/main/java/com/oracle/tools/packager/mac/MacAppBundler.java 2016-12-01 17:22:59.000000000 -0800
@@ -51,6 +51,7 @@
import static com.oracle.tools.packager.StandardBundlerParam.*;
import static com.oracle.tools.packager.mac.MacBaseInstallerBundler.*;
import jdk.packager.builders.AbstractAppImageBuilder;
+import jdk.packager.internal.mac.MacCertificate;
public class MacAppBundler extends AbstractImageBundler {
@@ -182,7 +183,20 @@
I18N.getString("param.signing-key-developer-id-app.description"),
"mac.signing-key-developer-id-app",
String.class,
- params -> MacBaseInstallerBundler.findKey("Developer ID Application: " + SIGNING_KEY_USER.fetchFrom(params), SIGNING_KEYCHAIN.fetchFrom(params), VERBOSE.fetchFrom(params)),
+ params -> {
+ String result = MacBaseInstallerBundler.findKey("Developer ID Application: " + SIGNING_KEY_USER.fetchFrom(params),
+ SIGNING_KEYCHAIN.fetchFrom(params),
+ VERBOSE.fetchFrom(params));
+ if (result != null) {
+ MacCertificate certificate = new MacCertificate(result, VERBOSE.fetchFrom(params));
+
+ if (!certificate.isValid()) {
+ Log.info(MessageFormat.format(I18N.getString("error.certificate.expired"), result));
+ }
+ }
+
+ return result;
+ },
(s, p) -> s);
public static final BundlerParamInfo BUNDLE_ID_SIGNING_PREFIX = new StandardBundlerParam<>(
--- old/modules/jdk.packager/src/main/java/com/oracle/tools/packager/mac/MacAppStoreBundler.java 2016-12-01 17:23:00.000000000 -0800
+++ new/modules/jdk.packager/src/main/java/com/oracle/tools/packager/mac/MacAppStoreBundler.java 2016-12-01 17:22:59.000000000 -0800
@@ -49,6 +49,22 @@
import static com.oracle.tools.packager.StandardBundlerParam.*;
import static com.oracle.tools.packager.mac.MacAppBundler.*;
+import java.io.BufferedOutputStream;
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.FileOutputStream;
+import java.io.InputStreamReader;
+import java.io.PrintStream;
+import java.text.DateFormat;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.Calendar;
+import java.util.Date;
+import java.util.Locale;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import jdk.packager.internal.mac.MacCertificate;
public class MacAppStoreBundler extends MacBaseInstallerBundler {
@@ -64,7 +80,20 @@
I18N.getString("param.signing-key-app.description"),
"mac.signing-key-app",
String.class,
- params -> MacBaseInstallerBundler.findKey("3rd Party Mac Developer Application: " + SIGNING_KEY_USER.fetchFrom(params), SIGNING_KEYCHAIN.fetchFrom(params), VERBOSE.fetchFrom(params)),
+ params -> {
+ String result = MacBaseInstallerBundler.findKey("3rd Party Mac Developer Application: " + SIGNING_KEY_USER.fetchFrom(params),
+ SIGNING_KEYCHAIN.fetchFrom(params),
+ VERBOSE.fetchFrom(params));
+ if (result != null) {
+ MacCertificate certificate = new MacCertificate(result, VERBOSE.fetchFrom(params));
+
+ if (!certificate.isValid()) {
+ Log.info(MessageFormat.format(I18N.getString("error.certificate.expired"), result));
+ }
+ }
+
+ return result;
+ },
(s, p) -> s);
public static final BundlerParamInfo MAC_APP_STORE_PKG_SIGNING_KEY = new StandardBundlerParam<>(
--- old/modules/jdk.packager/src/main/java/com/oracle/tools/packager/mac/MacBaseInstallerBundler.java 2016-12-01 17:23:01.000000000 -0800
+++ new/modules/jdk.packager/src/main/java/com/oracle/tools/packager/mac/MacBaseInstallerBundler.java 2016-12-01 17:23:00.000000000 -0800
@@ -216,12 +216,6 @@
return DAEMON_BUNDLER.fetchFrom(p).doBundle(p, daemonImageRoot, true);
}
-// public static void signAppBundle(Map params, File appLocation, String signingIdentity, String identifierPrefix) throws IOException {
-// signAppBundle(params, appLocation, signingIdentity, identifierPrefix, null, null);
-// }
-//
-
-
@Override
public Collection> getBundleParameters() {
Collection> results = new LinkedHashSet<>();
--- old/modules/jdk.packager/src/main/java/com/oracle/tools/packager/mac/MacPkgBundler.java 2016-12-01 17:23:01.000000000 -0800
+++ new/modules/jdk.packager/src/main/java/com/oracle/tools/packager/mac/MacPkgBundler.java 2016-12-01 17:23:01.000000000 -0800
@@ -53,6 +53,9 @@
import java.util.ResourceBundle;
import static com.oracle.tools.packager.StandardBundlerParam.*;
+import static com.oracle.tools.packager.mac.MacBaseInstallerBundler.SIGNING_KEYCHAIN;
+import static com.oracle.tools.packager.mac.MacBaseInstallerBundler.SIGNING_KEY_USER;
+import jdk.packager.internal.mac.MacCertificate;
public class MacPkgBundler extends MacBaseInstallerBundler {
@@ -97,7 +100,20 @@
I18N.getString("param.signing-key-developer-id-installer.description"),
"mac.signing-key-developer-id-installer",
String.class,
- params -> MacBaseInstallerBundler.findKey("Developer ID Installer: " + SIGNING_KEY_USER.fetchFrom(params), SIGNING_KEYCHAIN.fetchFrom(params), VERBOSE.fetchFrom(params)),
+ params -> {
+ String result = MacBaseInstallerBundler.findKey("Developer ID Installer: " + SIGNING_KEY_USER.fetchFrom(params),
+ SIGNING_KEYCHAIN.fetchFrom(params),
+ VERBOSE.fetchFrom(params));
+ if (result != null) {
+ MacCertificate certificate = new MacCertificate(result, VERBOSE.fetchFrom(params));
+
+ if (!certificate.isValid()) {
+ Log.info(MessageFormat.format(I18N.getString("error.certificate.expired"), result));
+ }
+ }
+
+ return result;
+ },
(s, p) -> s);
public static final BundlerParamInfo INSTALLER_SUFFIX = new StandardBundlerParam<> (
--- old/modules/jdk.packager/src/main/resources/com/oracle/tools/packager/mac/MacAppStoreBundler.properties 2016-12-01 17:23:02.000000000 -0800
+++ new/modules/jdk.packager/src/main/resources/com/oracle/tools/packager/mac/MacAppStoreBundler.properties 2016-12-01 17:23:02.000000000 -0800
@@ -28,6 +28,8 @@
error.no-app-signing-key.advice=Install your app signing keys into your Mac Keychain using XCode.
error.no-pkg-signing-key=No Mac App Store Installer Signing Key
error.no-pkg-signing-key.advice=Install your app signing keys into your Mac Keychain using XCode.
+error.certificate.expired=Error: Certificate expired {0}.
+
message.config-save-location=Config files are saved to {0}. Use them to customize package.
message.building-bundle=Building Mac App Store Bundle for {0}
--- /dev/null 2016-12-01 17:23:03.000000000 -0800
+++ new/modules/jdk.packager/src/main/java/jdk/packager/internal/mac/MacCertificate.java 2016-12-01 17:23:03.000000000 -0800
@@ -0,0 +1,159 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package jdk.packager.internal.mac;
+
+import com.oracle.tools.packager.IOUtils;
+import java.io.BufferedOutputStream;
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.PrintStream;
+import java.text.DateFormat;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Calendar;
+import java.util.Date;
+import java.util.List;
+import java.util.Locale;
+
+final public class MacCertificate {
+ private String certificate;
+ private boolean verbose;
+
+ public MacCertificate(String certificate) {
+ this.certificate = certificate;
+ this.verbose = false;
+ }
+
+ public MacCertificate(String certificate, boolean verbose) {
+ this.certificate = certificate;
+ this.verbose = verbose;
+ }
+
+ public boolean isValid() {
+ return verifyCertificate(this.certificate, verbose);
+ }
+
+ private static File findCertificate(String certificate, boolean verbose) {
+ File result = null;
+
+ List args = new ArrayList<>();
+ args.add("security");
+ args.add("find-certificate");
+ args.add("-c");
+ args.add(certificate);
+ args.add("-a");
+ args.add("-p");
+
+ try (ByteArrayOutputStream baos = new ByteArrayOutputStream(); PrintStream ps = new PrintStream(baos)) {
+ ProcessBuilder security = new ProcessBuilder(args);
+ IOUtils.exec(security, verbose, false, ps);
+
+ File output = File.createTempFile("tempfile", ".tmp");
+ PrintStream p = new PrintStream(new BufferedOutputStream(new FileOutputStream(output, true)));
+ BufferedReader bfReader = new BufferedReader(new InputStreamReader(new ByteArrayInputStream(baos.toByteArray())));
+ String line = null;
+
+ while((line = bfReader.readLine()) != null){
+ p.println(line);
+ }
+
+ p.close();
+ result = output;
+ }
+ catch (IOException ioe) {
+ }
+
+ return result;
+ }
+
+ private static Date findCertificateDate(String filename, boolean verbose) {
+ Date result = null;
+
+ List args = new ArrayList<>();
+ args.add("/usr/bin/openssl");
+ args.add("x509");
+ args.add("-noout");
+ args.add("-enddate");
+ args.add("-in");
+ args.add(filename);
+
+ try (ByteArrayOutputStream baos = new ByteArrayOutputStream(); PrintStream ps = new PrintStream(baos)) {
+ ProcessBuilder security = new ProcessBuilder(args);
+ IOUtils.exec(security, verbose, false, ps);
+ String output = baos.toString();
+ output = output.substring(output.indexOf("=") + 1);
+ DateFormat df = new SimpleDateFormat("MMM dd kk:mm:ss yyyy z", Locale.ENGLISH);
+ result = df.parse(output);
+ }
+ catch (IOException ioe) {
+ }
+ catch (ParseException ex) {
+ }
+
+ return result;
+ }
+
+ private static boolean verifyCertificate(String certificate, boolean verbose) {
+ boolean result = false;
+
+ try {
+ File file = null;
+ Date certificateDate = null;
+
+ try {
+ file = findCertificate(certificate, verbose);
+
+ if (file != null) {
+ certificateDate = findCertificateDate(file.getCanonicalPath(), verbose);
+ }
+ }
+ finally {
+ if (file != null) {
+ file.delete();
+ }
+ }
+
+ if (certificateDate != null) {
+ Calendar c = Calendar.getInstance();
+ Date today = c.getTime();
+
+ if (certificateDate.after(today)) {
+ result = true;
+ }
+ }
+ }
+ catch (IOException ex) {
+ }
+
+ return result;
+ }
+}
\ No newline at end of file