New test/jdk/sun/security/tools/jarsigner/warnings/NotYetValidCertTest.java

   1 /*
   2  * Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 import jdk.test.lib.process.OutputAnalyzer;
  25 import jdk.test.lib.util.JarUtils;
  26 
  27 /**
  28  * @test
  29  * @bug 8024302 8026037
  30  * @summary Test for notYetValidCert warning
  31  * @library /test/lib ../
  32  * @build jdk.test.lib.util.JarUtils
  33  * @run main NotYetValidCertTest
  34  */
  35 public class NotYetValidCertTest extends Test {
  36 
  37     /**
  38      * The test signs and verifies a jar that contains entries
  39      * whose signer certificate is not yet valid (notYetValidCert).
  40      * Warning message is expected.
  41      */
  42     public static void main(String[] args) throws Throwable {
  43         NotYetValidCertTest test = new NotYetValidCertTest();
  44         test.start();
  45     }
  46 
  47     protected void start() throws Throwable {
  48         // create a jar file that contains one class file
  49         Utils.createFiles(FIRST_FILE);
  50         JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
  51 
  52         // create certificate that will be valid only tomorrow
  53         createAlias(CA_KEY_ALIAS);
  54         createAlias(KEY_ALIAS);
  55 
  56         issueCert(
  57                 KEY_ALIAS,
  58                 "-startdate", "+1d",
  59                 "-validity", Integer.toString(VALIDITY));
  60 
  61         // sign jar
  62         OutputAnalyzer analyzer = jarsigner(
  63                 "-keystore", KEYSTORE,
  64                 "-storepass", PASSWORD,
  65                 "-keypass", PASSWORD,
  66                 "-signedjar", SIGNED_JARFILE,
  67                 UNSIGNED_JARFILE,
  68                 KEY_ALIAS);
  69 
  70         checkSigning(analyzer, NOT_YET_VALID_CERT_SIGNING_WARNING);
  71 
  72         // verify signed jar
  73         analyzer = jarsigner(
  74                 "-verify",
  75                 "-verbose",
  76                 "-keystore", KEYSTORE,
  77                 "-storepass", PASSWORD,
  78                 "-keypass", PASSWORD,
  79                 SIGNED_JARFILE,
  80                 KEY_ALIAS);
  81 
  82         checkVerifying(analyzer, 0, NOT_YET_VALID_CERT_VERIFYING_WARNING);
  83 
  84         // verify jar in strict mode
  85         analyzer = jarsigner(
  86                 "-verify",
  87                 "-verbose",
  88                 "-strict",
  89                 "-keystore", KEYSTORE,
  90                 "-storepass", PASSWORD,
  91                 "-keypass", PASSWORD,
  92                 SIGNED_JARFILE,
  93                 KEY_ALIAS);
  94 
  95         checkVerifying(analyzer, HAS_EXPIRED_CERT_EXIT_CODE,
  96                 NOT_YET_VALID_CERT_VERIFYING_WARNING);
  97 
  98         System.out.println("Test passed");
  99     }
 100 
 101 }