1 /*
2 * Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 import java.io.FileInputStream;
25 import java.io.InputStream;
26 import java.security.KeyStore;
27 import java.security.cert.X509Certificate;
28 import java.util.Date;
29 import java.util.Locale;
30
31 import jdk.test.lib.process.OutputAnalyzer;
32 import jdk.test.lib.util.JarUtils;
33
34 /**
35 * @test
36 * @bug 8024302 8026037 8196213
37 * @summary Checks warnings if -tsa and -tsacert options are not specified
38 * @library /test/lib ../
39 * @build jdk.test.lib.util.JarUtils
40 * @run main NoTimestampTest
41 */
42 public class NoTimestampTest extends Test {
43
44 /**
45 * The test signs and verifies a jar file without -tsa and -tsacert options,
46 * and checks that proper warnings are shown.
47 */
48 public static void main(String[] args) throws Throwable {
49 Locale reservedLocale = Locale.getDefault();
50 Locale.setDefault(Locale.US);
51
52 try {
53 NoTimestampTest test = new NoTimestampTest();
54 test.start();
55 } finally {
56 // Restore the reserved locale
57 Locale.setDefault(reservedLocale);
58 }
59 }
60
61 private void start() throws Throwable {
62 String timezone = System.getProperty("user.timezone");
63 System.out.println(String.format("Timezone = %s", timezone));
64
65 // create a jar file that contains one class file
66 Utils.createFiles(FIRST_FILE);
67 JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
68
69 // create key pair
70 createAlias(CA_KEY_ALIAS);
71 createAlias(KEY_ALIAS);
72 issueCert(KEY_ALIAS,
73 "-validity", Integer.toString(VALIDITY));
74
75 Date expirationDate = getCertExpirationDate();
76
77 // sign jar file
78 OutputAnalyzer analyzer = jarsigner(
79 "-J-Duser.timezone=" + timezone,
80 "-keystore", KEYSTORE,
81 "-storepass", PASSWORD,
82 "-keypass", PASSWORD,
83 "-signedjar", SIGNED_JARFILE,
84 UNSIGNED_JARFILE,
85 KEY_ALIAS);
86
87 String warning = String.format(NO_TIMESTAMP_SIGNING_WARN_TEMPLATE,
88 expirationDate);
89 checkSigning(analyzer, warning);
90
91 // verify signed jar
92 analyzer = jarsigner(
93 "-J-Duser.timezone=" + timezone,
94 "-verify",
95 "-keystore", KEYSTORE,
96 "-storepass", PASSWORD,
97 "-keypass", PASSWORD,
98 SIGNED_JARFILE,
99 KEY_ALIAS);
100
101 warning = String.format(NO_TIMESTAMP_VERIFYING_WARN_TEMPLATE, expirationDate);
102 checkVerifying(analyzer, 0, warning);
103
104 // verify signed jar in strict mode
105 analyzer = jarsigner(
106 "-J-Duser.timezone=" + timezone,
107 "-verify",
108 "-strict",
109 "-keystore", KEYSTORE,
110 "-storepass", PASSWORD,
111 "-keypass", PASSWORD,
112 SIGNED_JARFILE,
113 KEY_ALIAS);
114
115 checkVerifying(analyzer, 0, warning);
116
117 System.out.println("Test passed");
118 }
119
120 private static Date getCertExpirationDate() throws Exception {
121 KeyStore ks = KeyStore.getInstance("JKS");
122 try (InputStream in = new FileInputStream(KEYSTORE)) {
123 ks.load(in, PASSWORD.toCharArray());
124 }
125 X509Certificate cert = (X509Certificate) ks.getCertificate(KEY_ALIAS);
126 return cert.getNotAfter();
127 }
128 }