1 /*
   2  * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 import jdk.testlibrary.OutputAnalyzer;
  25 
  26 /**
  27  * Base class.
  28  */
  29 public abstract class Test {
  30 
  31     static final String TEST_SOURCES = System.getProperty("test.src", ".");
  32     static final String TEST_CLASSES = System.getProperty("test.classes");
  33     static final String FS = System.getProperty("file.separator");
  34     static final String JAVA_HOME = System.getProperty("test.jdk");
  35     static final String KEYTOOL = JAVA_HOME + FS + "bin" + FS + "keytool";
  36     static final String JARSIGNER = JAVA_HOME + FS + "bin" + FS + "jarsigner";
  37     static final String UNSIGNED_JARFILE = "unsigned.jar";
  38     static final String SIGNED_JARFILE = "signed.jar";
  39     static final String UPDATED_SIGNED_JARFILE = "updated_signed.jar";
  40     static final String FIRST_FILE = "first.txt";
  41     static final String SECOND_FILE = "second.txt";
  42     static final String PASSWORD = "password";
  43     static final String BOTH_KEYS_KEYSTORE = "both_keys.jks";
  44     static final String FIRST_KEY_KEYSTORE = "first_key.jks";
  45     static final String KEYSTORE = "keystore.jks";
  46     static final String FIRST_KEY_ALIAS = "first";
  47     static final String SECOND_KEY_ALIAS = "second";
  48     static final String KEY_ALG = "RSA";
  49     static final String KEY_ALIAS = "alias";
  50     static final String CERT_REQUEST_FILENAME = "test.req";
  51     static final String CERT_FILENAME = "test.crt";
  52     static final String CA_KEY_ALIAS = "ca";
  53     static final int KEY_SIZE = 2048;
  54     static final int TIMEOUT = 6 * 60 * 1000;   // in millis
  55     static final int VALIDITY = 365;
  56 
  57     static final String WARNING = "Warning:";
  58 
  59     static final String CHAIN_NOT_VALIDATED_VERIFYING_WARNING
  60             = "This jar contains entries "
  61             + "whose certificate chain is not validated.";
  62 
  63     static final String ALIAS_NOT_IN_STORE_VERIFYING_WARNING
  64             = "This jar contains signed entries "
  65             + "that are not signed by alias in this keystore.";
  66 
  67     static final String BAD_EXTENDED_KEY_USAGE_SIGNING_WARNING
  68             = "The signer certificate's ExtendedKeyUsage extension "
  69             + "doesn't allow code signing.";
  70 
  71     static final String BAD_EXTENDED_KEY_USAGE_VERIFYING_WARNING
  72             = "This jar contains entries whose signer certificate's "
  73             + "ExtendedKeyUsage extension doesn't allow code signing.";
  74 
  75     static final String BAD_KEY_USAGE_SIGNING_WARNING
  76             = "The signer certificate's KeyUsage extension "
  77             + "doesn't allow code signing.";
  78 
  79     static final String BAD_KEY_USAGE_VERIFYING_WARNING
  80             = "This jar contains entries whose signer certificate's KeyUsage "
  81             + "extension doesn't allow code signing.";
  82 
  83     static final String BAD_NETSCAPE_CERT_TYPE_SIGNING_WARNING
  84             = "The signer certificate's NetscapeCertType extension "
  85             + "doesn't allow code signing.";
  86 
  87     static final String BAD_NETSCAPE_CERT_TYPE_VERIFYING_WARNING
  88             = "This jar contains entries "
  89             + "whose signer certificate's NetscapeCertType extension "
  90             + "doesn't allow code signing.";
  91 
  92     static final String CHAIN_NOT_VALIDATED_SIGNING_WARNING
  93             = "The signer's certificate chain is not validated.";
  94 
  95     static final String HAS_EXPIRING_CERT_SIGNING_WARNING
  96             = "The signer certificate will expire within six months.";
  97 
  98     static final String HAS_EXPIRING_CERT_VERIFYING_WARNING
  99             = "This jar contains entries "
 100             + "whose signer certificate will expire within six months.";
 101 
 102     static final String HAS_EXPIRED_CERT_SIGNING_WARNING
 103             = "The signer certificate has expired.";
 104 
 105     static final String HAS_EXPIRED_CERT_VERIFYING_WARNING
 106             = "This jar contains entries whose signer certificate has expired.";
 107 
 108     static final String HAS_UNSIGNED_ENTRY_VERIFYING_WARNING
 109             = "This jar contains unsigned entries "
 110             + "which have not been integrity-checked.";
 111 
 112     static final String NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING
 113             = "This jar contains signed entries "
 114             + "which are not signed by the specified alias(es).";
 115 
 116     static final String NO_TIMESTAMP_SIGNING_WARN_TEMPLATE
 117             = "No -tsa or -tsacert is provided "
 118             + "and this jar is not timestamped. "
 119             + "Without a timestamp, users may not be able to validate this jar "
 120             + "after the signer certificate's expiration date "
 121             + "(%1$tY-%1$tm-%1$td) or after any future revocation date.";
 122 
 123     static final String NO_TIMESTAMP_VERIFYING_WARN_TEMPLATE
 124             = "This jar contains signatures that does not include a timestamp. "
 125             + "Without a timestamp, users may not be able to validate this jar "
 126             + "after the signer certificate's expiration date "
 127             + "(%1$tY-%1$tm-%1$td) or after any future revocation date.";
 128 
 129     static final String NOT_YET_VALID_CERT_SIGNING_WARNING
 130             = "The signer certificate is not yet valid.";
 131 
 132     static final String NOT_YET_VALID_CERT_VERIFYING_WARNING
 133             = "This jar contains entries "
 134             + "whose signer certificate is not yet valid.";
 135 
 136     static final String JAR_SIGNED = "jar signed.";
 137 
 138     static final String JAR_VERIFIED = "jar verified.";
 139 
 140     static final String JAR_VERIFIED_WITH_SIGNER_ERRORS
 141             = "jar verified, with signer errors.";
 142 
 143     static final int CHAIN_NOT_VALIDATED_EXIT_CODE = 4;
 144     static final int HAS_EXPIRED_CERT_EXIT_CODE = 4;
 145     static final int BAD_KEY_USAGE_EXIT_CODE = 8;
 146     static final int BAD_EXTENDED_KEY_USAGE_EXIT_CODE = 8;
 147     static final int BAD_NETSCAPE_CERT_TYPE_EXIT_CODE = 8;
 148     static final int HAS_UNSIGNED_ENTRY_EXIT_CODE = 16;
 149     static final int ALIAS_NOT_IN_STORE_EXIT_CODE = 32;
 150     static final int NOT_SIGNED_BY_ALIAS_EXIT_CODE = 32;
 151 
 152     protected void checkVerifying(OutputAnalyzer analyzer, int expectedExitCode,
 153             String... warnings) {
 154         analyzer.shouldHaveExitValue(expectedExitCode);
 155         for (String warning : warnings) {
 156             analyzer.shouldContain(warning);
 157         }
 158         if (warnings.length > 0) {
 159             analyzer.shouldContain(WARNING);
 160         }
 161         if (expectedExitCode == 0) {
 162             analyzer.shouldContain(JAR_VERIFIED);
 163         } else {
 164             analyzer.shouldContain(JAR_VERIFIED_WITH_SIGNER_ERRORS);
 165         }
 166     }
 167 
 168     protected void checkSigning(OutputAnalyzer analyzer, String... warnings) {
 169         analyzer.shouldHaveExitValue(0);
 170         for (String warning : warnings) {
 171             analyzer.shouldContain(warning);
 172         }
 173         if (warnings.length > 0) {
 174             analyzer.shouldContain(WARNING);
 175         }
 176         analyzer.shouldContain(JAR_SIGNED);
 177     }
 178 }