1 /*
2 * Copyright (c) 2013, 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 import jdk.testlibrary.OutputAnalyzer;
25 import jdk.testlibrary.ProcessTools;
26 import jdk.testlibrary.JarUtils;
27
28 /**
29 * @test
30 * @bug 8024302 8026037
31 * @summary Test for hasUnsignedEntry warning
32 * @library /lib/testlibrary ../
33 * @run main HasUnsignedEntryTest
34 */
35 public class HasUnsignedEntryTest extends Test {
36
37 /**
38 * The test signs and verifies a jar that contains unsigned entries
39 * which have not been integrity-checked (hasUnsignedEntry).
40 * Warning message is expected.
41 */
42 public static void main(String[] args) throws Throwable {
43 HasUnsignedEntryTest test = new HasUnsignedEntryTest();
44 test.start();
45 }
46
47 private void start() throws Throwable {
48 System.out.println(String.format("Create a %s that contains %s",
49 UNSIGNED_JARFILE, FIRST_FILE));
50 Utils.createFiles(FIRST_FILE, SECOND_FILE);
51 JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
52
53 // create key pair for signing
54 ProcessTools.executeCommand(KEYTOOL,
55 "-genkey",
56 "-alias", KEY_ALIAS,
57 "-keyalg", KEY_ALG,
58 "-keysize", Integer.toString(KEY_SIZE),
59 "-keystore", KEYSTORE,
60 "-storepass", PASSWORD,
61 "-keypass", PASSWORD,
62 "-dname", "CN=Test",
63 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
64
65 // sign jar
66 OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
67 "-verbose",
68 "-keystore", KEYSTORE,
69 "-storepass", PASSWORD,
70 "-keypass", PASSWORD,
71 "-signedjar", SIGNED_JARFILE,
72 UNSIGNED_JARFILE,
73 KEY_ALIAS);
74
75 checkSigning(analyzer);
76
77 System.out.println(String.format("Copy %s to %s, and add %s.class, "
78 + "so it contains unsigned entry",
79 new Object[]{SIGNED_JARFILE, UPDATED_SIGNED_JARFILE,
80 SECOND_FILE}));
81
82 JarUtils.updateJar(SIGNED_JARFILE, UPDATED_SIGNED_JARFILE, SECOND_FILE);
83
84 // verify jar
85 analyzer = ProcessTools.executeCommand(JARSIGNER,
86 "-verify",
87 "-verbose",
88 "-keystore", KEYSTORE,
89 "-storepass", PASSWORD,
90 "-keypass", PASSWORD,
91 UPDATED_SIGNED_JARFILE);
92
93 checkVerifying(analyzer, 0, HAS_UNSIGNED_ENTRY_VERIFYING_WARNING);
94
95 // verify jar in strict mode
96 analyzer = ProcessTools.executeCommand(JARSIGNER,
97 "-verify",
98 "-verbose",
99 "-strict",
100 "-keystore", KEYSTORE,
101 "-storepass", PASSWORD,
102 "-keypass", PASSWORD,
103 UPDATED_SIGNED_JARFILE);
104
105 checkVerifying(analyzer, HAS_UNSIGNED_ENTRY_EXIT_CODE,
106 HAS_UNSIGNED_ENTRY_VERIFYING_WARNING);
107
108 System.out.println("Test passed");
109 }
110
111 }