1 /*
   2  * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /**
  25  * @test
  26  * @bug 6890872 8168882
  27  * @summary keytool -printcert to recognize signed jar files
  28  * @library /test/lib
  29  * @library /lib/testlibrary
  30  */
  31 
  32 import java.nio.file.Files;
  33 import java.nio.file.Paths;
  34 import jdk.test.lib.SecurityTools;
  35 import jdk.test.lib.process.OutputAnalyzer;
  36 import jdk.testlibrary.JarUtils;
  37 
  38 public class ReadJar {
  39 
  40     public static void main(String[] args) throws Throwable {
  41         testWithMD5();
  42     }
  43 
  44     // make sure that -printcert option works
  45     // if a weak algorithm was used for signing a jar
  46     private static void testWithMD5() throws Throwable {
  47         // create jar files
  48         JarUtils.createJar("test_md5.jar", "test");
  49         JarUtils.createJar("test_rsa.jar", "test");
  50 
  51         // create a keystore and generate keys for jar signing
  52         Files.deleteIfExists(Paths.get("keystore"));
  53 
  54         OutputAnalyzer out = SecurityTools.keytool("-genkeypair "
  55                 + "-keystore keystore -storepass password "
  56                 + "-keypass password -keyalg rsa -alias rsa_alias -dname CN=A");
  57         System.out.println(out.getOutput());
  58         out.shouldHaveExitValue(0);
  59 
  60         out = SecurityTools.jarsigner("-keystore keystore -storepass password "
  61                 + "test_rsa.jar rsa_alias");
  62         System.out.println(out.getOutput());
  63         out.shouldHaveExitValue(0);
  64 
  65         printCert("test_rsa.jar");
  66 
  67         out = SecurityTools.jarsigner("-keystore keystore -storepass password "
  68                 + "-sigalg MD5withRSA -digestalg MD5 test_md5.jar rsa_alias");
  69         System.out.println(out.getOutput());
  70         out.shouldHaveExitValue(0);
  71 
  72         printCert("test_md5.jar");
  73     }
  74 
  75     private static void printCert(String jar) throws Throwable {
  76         OutputAnalyzer out = SecurityTools.keytool("-printcert -jarfile " + jar);
  77         System.out.println(out.getOutput());
  78         out.shouldHaveExitValue(0);
  79         out.shouldNotContain("Not a signed jar file");
  80 
  81         out = SecurityTools.keytool("-printcert -rfc -jarfile " + jar);
  82         System.out.println(out.getOutput());
  83         out.shouldHaveExitValue(0);
  84         out.shouldNotContain("Not a signed jar file");
  85     }
  86 }