New jdk/test/sun/security/tools/keytool/ReadJar.java

   1 /*
   2  * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /**
  25  * @test
  26  * @bug 6890872 8168882
  27  * @summary keytool -printcert to recognize signed jar files
  28  * @library /test/lib
  29  */
  30 
  31 import java.nio.file.Files;
  32 import java.nio.file.Paths;
  33 import jdk.test.lib.SecurityTools;
  34 import jdk.test.lib.process.OutputAnalyzer;
  35 import jdk.test.lib.util.JarUtils;
  36 
  37 public class ReadJar {
  38 
  39     public static void main(String[] args) throws Throwable {
  40         testWithMD5();
  41     }
  42 
  43     // make sure that -printcert option works
  44     // if a weak algorithm was used for signing a jar
  45     private static void testWithMD5() throws Throwable {
  46         // create jar files
  47         JarUtils.createJar("test_md5.jar", "test");
  48         JarUtils.createJar("test_rsa.jar", "test");
  49 
  50         // create a keystore and generate keys for jar signing
  51         Files.deleteIfExists(Paths.get("keystore"));
  52 
  53         OutputAnalyzer out = SecurityTools.keytool("-genkeypair "
  54                 + "-keystore keystore -storepass password "
  55                 + "-keypass password -keyalg rsa -alias rsa_alias -dname CN=A");
  56         System.out.println(out.getOutput());
  57         out.shouldHaveExitValue(0);
  58 
  59         out = SecurityTools.jarsigner("-keystore keystore -storepass password "
  60                 + "test_rsa.jar rsa_alias");
  61         System.out.println(out.getOutput());
  62         out.shouldHaveExitValue(0);
  63 
  64         printCert("test_rsa.jar");
  65 
  66         out = SecurityTools.jarsigner("-keystore keystore -storepass password "
  67                 + "-sigalg MD5withRSA -digestalg MD5 test_md5.jar rsa_alias");
  68         System.out.println(out.getOutput());
  69         out.shouldHaveExitValue(0);
  70 
  71         printCert("test_md5.jar");
  72     }
  73 
  74     private static void printCert(String jar) throws Throwable {
  75         OutputAnalyzer out = SecurityTools.keytool("-printcert -jarfile " + jar);
  76         System.out.println(out.getOutput());
  77         out.shouldHaveExitValue(0);
  78         out.shouldNotContain("Not a signed jar file");
  79 
  80         out = SecurityTools.keytool("-printcert -rfc -jarfile " + jar);
  81         System.out.println(out.getOutput());
  82         out.shouldHaveExitValue(0);
  83         out.shouldNotContain("Not a signed jar file");
  84     }
  85 }