New src/jdk.incubator.jpackage/macosx/classes/jdk/incubator/jpackage/internal/MacCertificate.java

   1 /*
   2  * Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package jdk.incubator.jpackage.internal;
  27 
  28 import java.io.ByteArrayInputStream;
  29 import java.io.ByteArrayOutputStream;
  30 import java.io.File;
  31 import java.io.IOException;
  32 import java.io.PrintStream;
  33 import java.nio.file.StandardCopyOption;
  34 import java.nio.file.Files;
  35 import java.text.DateFormat;
  36 import java.text.ParseException;
  37 import java.text.SimpleDateFormat;
  38 import java.util.ArrayList;
  39 import java.util.Calendar;
  40 import java.util.Date;
  41 import java.util.List;
  42 import java.util.Locale;
  43 
  44 public final class MacCertificate {
  45     private final String certificate;
  46 
  47     public MacCertificate(String certificate) {
  48         this.certificate = certificate;
  49     }
  50 
  51     public boolean isValid() {
  52         return verifyCertificate(this.certificate);
  53     }
  54 
  55     private static File findCertificate(String certificate) {
  56         File result = null;
  57 
  58         List<String> args = new ArrayList<>();
  59         args.add("security");
  60         args.add("find-certificate");
  61         args.add("-c");
  62         args.add(certificate);
  63         args.add("-a");
  64         args.add("-p");
  65 
  66         try (ByteArrayOutputStream baos = new ByteArrayOutputStream();
  67                 PrintStream ps = new PrintStream(baos)) {
  68             ProcessBuilder security = new ProcessBuilder(args);
  69             IOUtils.exec(security, false, ps);
  70 
  71             File output = File.createTempFile("tempfile", ".tmp");
  72 
  73             Files.copy(new ByteArrayInputStream(baos.toByteArray()),
  74                     output.toPath(), StandardCopyOption.REPLACE_EXISTING);
  75 
  76             result = output;
  77         }
  78         catch (IOException ignored) {}
  79 
  80         return result;
  81     }
  82 
  83     private static Date findCertificateDate(String filename) {
  84         Date result = null;
  85 
  86         List<String> args = new ArrayList<>();
  87         args.add("/usr/bin/openssl");
  88         args.add("x509");
  89         args.add("-noout");
  90         args.add("-enddate");
  91         args.add("-in");
  92         args.add(filename);
  93 
  94         try (ByteArrayOutputStream baos = new ByteArrayOutputStream();
  95                 PrintStream ps = new PrintStream(baos)) {
  96             ProcessBuilder security = new ProcessBuilder(args);
  97             IOUtils.exec(security, false, ps);
  98             String output = baos.toString();
  99             output = output.substring(output.indexOf("=") + 1);
 100             DateFormat df = new SimpleDateFormat(
 101                     "MMM dd kk:mm:ss yyyy z", Locale.ENGLISH);
 102             result = df.parse(output);
 103         } catch (IOException | ParseException ex) {
 104             Log.verbose(ex);
 105         }
 106 
 107         return result;
 108     }
 109 
 110     private static boolean verifyCertificate(String certificate) {
 111         boolean result = false;
 112 
 113         try {
 114             File file = null;
 115             Date certificateDate = null;
 116 
 117             try {
 118                 file = findCertificate(certificate);
 119 
 120                 if (file != null) {
 121                     certificateDate = findCertificateDate(
 122                             file.getCanonicalPath());
 123                 }
 124             }
 125             finally {
 126                 if (file != null) {
 127                     file.delete();
 128                 }
 129             }
 130 
 131             if (certificateDate != null) {
 132                 Calendar c = Calendar.getInstance();
 133                 Date today = c.getTime();
 134 
 135                 if (certificateDate.after(today)) {
 136                     result = true;
 137                 }
 138             }
 139         }
 140         catch (IOException ignored) {}
 141 
 142         return result;
 143     }
 144 }